On Tue, Oct 30, 2012 at 07:02:02PM +, Phil Mayers wrote:
> +1
>
> Personally I'd rather the latter format everywhere, even unlang:
>
> update {
> request:foo = 1
> }
Agreed - having that option would make things much tidier when
several things in different lists are being updated at once.
+1
Personally I'd rather the latter format everywhere, even unlang:
update {
request:foo = 1
}
John Dennis wrote:
>
>What I'd like to see is the individual modules converging on common
>behavior so there is a consistent model.
>
>I suspect a number of the modules were written independently
>
>> If rlm_rest and rlm_cache have attribute models that are elegant and well
>> thought out then let's move everything to that model. On the other hand if
>> ulang is conceptually cleaner then lets move rlm_rest and rlm_cache to a
>> ulang solution. Pick one idea and make everything follow th
On Tue, Oct 30, 2012 at 02:40:35PM +0100, Oliver Werner wrote:
> I would configure my Switch-Ports Mac-Based. When a Computer
> wired a Perl-Script should check the Username and gives VLAN
> back.
You can probably do this without a perl script, however -
> exec {
> wait = yes
> pr
On 30 Oct 2012, at 13:00, John Dennis wrote:
> On 10/30/2012 06:38 AM, Arran Cudbard-Bell wrote:
>> Quick poll.
>>
>> For 3.0 the ldap module will be moving away from using the
>> ldap.attrmap file and instead use a config based mapping.
>>
>> There are a few ways we are considering for organi
On 30 Oct 2012, at 14:13, Deep Shah wrote:
> Sorry for inconvenience.
>
> I have enabled flag of mips in md5.c file of pam_radius_auth and my issue is
> resolved now.
Ahhh.
https://github.com/FreeRADIUS/pam_radius/commit/c61a218efb2a0ec4f493bcc9fa735306f779ea64
-Arran
-
List info/subscrib
We use more then two VLANs.
The PCs authorize with the MAC-Address. So i would check the Database for this
MAC and read the defined VLAN.
Am 30.10.2012 um 14:55 schrieb Michael Schwartzkopff :
>> Hello,
>>
>> I'm useing FreeRADIUS in Version 2.1.10.
>>
>> I would configure my Switch-Ports M
Sorry for inconvenience.
I have enabled flag of mips in md5.c file of pam_radius_auth and my issue
is resolved now.
Regards,
Deep
On Tue, Oct 30, 2012 at 11:20 AM, Fajar A. Nugraha wrote:
> On Tue, Oct 30, 2012 at 12:42 PM, Deep Shah
> wrote:
> > Hi,
> >
> > Thank you for your reply.
> >
>
> Hello,
>
> I'm useing FreeRADIUS in Version 2.1.10.
>
> I would configure my Switch-Ports Mac-Based. When a Computer wired a
> Perl-Script should check the Username and gives VLAN back.
Why so complicated?
FreeRADIUS can do this out of the box, provided the NAS (switch) can do this.
--
Dr.
Hello,
I'm useing FreeRADIUS in Version 2.1.10.
I would configure my Switch-Ports Mac-Based. When a Computer wired a
Perl-Script should check the Username and gives VLAN back.
For a simple Test i don't have some conditions in the Script only outputs:
use strict;
use warnings;
use DBI;
### Swi
On 10/30/2012 06:38 AM, Arran Cudbard-Bell wrote:
Quick poll.
For 3.0 the ldap module will be moving away from using the
ldap.attrmap file and instead use a config based mapping.
There are a few ways we are considering for organising the mapping.
We can use something like the existing unlang:
On 10/30/2012 03:23 AM, Alan DeKok wrote:
Fajar A. Nugraha wrote:
What's the recommended method for authenticating against Linux system
users? I thought pam was the better one?
Maybe. getpwent() or getspwent() should work.
Also, is the "big warning" still valid?
Likely, yes. I've b
I pull out only the attributes I need and change ldap.attrmap to match my
schema. Personally, I can live with either config method.
Arran Cudbard-Bell wrote:
>Quick poll.
>
>For 3.0 the ldap module will be moving away from using the ldap.attrmap file
>and instead use a config based mapping.
>
Oh my, any linux/bsd system with 128MB of RAM or you can even try a
http://www.raspberrypi.org/ :)
- Original Message -
From: "fknet"
To: freeradius-users@lists.freeradius.org
Sent: Tuesday, October 30, 2012 12:31:54 PM
Subject: Re: Ideal SO and hardware for FreeRadius+MySQL
What v
fknet wrote:
> What virtual machine does you recommend Alan?
It doesn't matter. I've used all of them.
A VM with ~1G of RAM, one CPU, and ~10G of disk space is tiny by
todays standards. It should be enough to handle 20K users.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://ww
Quick poll.
For 3.0 the ldap module will be moving away from using the ldap.attrmap file
and instead use a config based mapping.
There are a few ways we are considering for organising the mapping.
We can use something like the existing unlang:
update control {
Cleartext-Password := use
What virtual machine does you recommend Alan?
thanks
Em 30/10/2012 07:49, Alan DeKok escreveu:
Bjørn Mork wrote:
You're right. Time to save some power replacing all those idling x86
CPUs with last years phones :-)
Most people with small RADIUS systems should really be running them in
a VM
Bjørn Mork wrote:
> You're right. Time to save some power replacing all those idling x86
> CPUs with last years phones :-)
Most people with small RADIUS systems should really be running them in
a VM. There are few reasons to run dedicated hardware for ~10K users.
Alan DeKol.
-
List info/sub
Arran Cudbard-Bell writes:
> On 30 Oct 2012, at 07:57, Bjørn Mork wrote:
>> Alan DeKok writes:
>>> fknet wrote:
Hello people!
What's the ideal Hardware (processor+memory) to run FreeRadius+MySQL for
authentication of 3000 PPPoE users?
>>>
>>> Any iPhone 4 could handle that
On 30 Oct 2012, at 07:57, Bjørn Mork wrote:
> Alan DeKok writes:
>> fknet wrote:
>>> Hello people!
>>>
>>> What's the ideal Hardware (processor+memory) to run FreeRadius+MySQL for
>>> authentication of 3000 PPPoE users?
>>
>> Any iPhone 4 could handle that traffic.
>
> Yes, but how do I bui
Alan DeKok writes:
> fknet wrote:
>> Hello people!
>>
>> What's the ideal Hardware (processor+memory) to run FreeRadius+MySQL for
>> authentication of 3000 PPPoE users?
>
> Any iPhone 4 could handle that traffic.
Yes, but how do I build FR for an iphone?
Bjørn :-)
-
List info/subscribe/unsub
Fajar A. Nugraha wrote:
> What's the recommended method for authenticating against Linux system
> users? I thought pam was the better one?
Maybe. getpwent() or getspwent() should work.
> Also, is the "big warning" still valid?
Likely, yes. I've been avoiding PAM for nearly a decade now. I
On Tue, Oct 30, 2012 at 2:04 PM, Alan DeKok wrote:
>> ++[unix] returns notfound
>
> That's pretty definitive. The user isn't in /etc/passwd, or
> /etc/shadow. Or, the server can't read it.
What's the recommended method for authenticating against Linux system
users? I thought pam was the bette
Jacobs, Joseph wrote:
> I’m trying to set up Freeradius to authenticate against the local Linux
> user accounts.
..
> joe2 Auth-Type := System (I’ve tried this with both := and =)
Don't do that.
> bob Cleartext-Password := "hello"
OK.
Then:
> [files] users: Matched entry bob at line 8
24 matches
Mail list logo