> Chuang Okis wrote:
> > I think you misunderstanding my point a bit. Maybe I don't express it
clear
> enough.
> > I only need fixing my *source port* instead of random port, I don't care
IP
> address at all.
>
> Ah, OK.
>
> > Actually, due to some maintenance issue, we want to know that could
On Tue, Apr 30, 2013 at 4:31 AM, Grégoire Leroy
wrote:
> Maybe I was not clear enough above.
>
> What I want is :
> 1) Set the password for the user
> 2) Authentication of the user
> 3) X is always added to the reply if the user is authenticated
> 4) Moreover, Y is added to the reply for NAS, stil
Thank you I'll check with the samba people and get a better understanding
of how ntlm_auth works.
On 29 Apr 2013 13:58, "Alan DeKok" wrote:
> FreeRadius List wrote:
> > I use redundant-load-balance for ldap user auth to authenticate users to
> > a pool of active directory servers for one service.
Hi,
Le Monday 29 April 2013 20:30:15, a.l.m.bu...@lboro.ac.uk a écrit :
> Hi,
>
> > The thing is, I don't know how many attributes I have. It could be
> > 1, 4, 10 and not always the same. That's why I want to retrieve from
> > the database the value, the op and the attribute.
>
> just use
Hi,
>Hi Alan, i m sorry i m sorry if i m not being clear enough, but please
>consider the example from my last reply:
...you've written this 3 or 4 times. its clear. we see what you are saying but
you are not taking the answers given to you.
alan
-
List info/subscribe/unsubscribe? See ht
Hi Alan, i m sorry i m sorry if i m not being clear enough, but please consider
the example from my last reply: this is the code in the
module:pairadd(&request->reply->vps,pairmake("3GPP2-Prepaid-Acct-Quota-QuotaIDentifier","1",
T_OP_EQ));
and this is what travels on the wire:
subtype = 01 (3GP
Hi,
> The thing is, I don't know how many attributes I have. It could be
> 1, 4, 10 and not always the same. That's why I want to retrieve from
> the database the value, the op and the attribute.
just use authorize_group_reply_query and the "groupreply_table =
"radgroupreply""
part of sql.
Chuang Okis wrote:
> I think you misunderstanding my point a bit. Maybe I don't express it clear
> enough.
> I only need fixing my *source port* instead of random port, I don't care IP
> address at all.
Ah, OK.
> Actually, due to some maintenance issue, we want to know that could we fix
> o
> The user 'bob' does not exist, so FreeRADIUS does the correct thing (i.e.
> rejecting the user). This has not been in doubt at all.
>
Instantiate a new EAPTTLSAuthenticator() for each authentication session
and you should be fine. The Authenticator class is there to maintain a
context through
Hi Guys, I have another Cuestion.
How can I convert the username to UPPERCASE in the authorization section?
Or how can I Authorize only the Username wittren in UPPERCASE?
Thanks
2013/4/19 Andres Gomez Ruiz
> Thanks a lot guys!
>
> Both methods work. Finally I used the regex in the Authorize s
Thanks again for the confirmation, Alan.
:-)
Stefan
-Original Message-
From: freeradius-users-bounces+stefan.paetow=diamond.ac...@lists.freeradius.org
[mailto:freeradius-users-bounces+stefan.paetow=diamond.ac...@lists.freeradius.org]
On Behalf Of Alan DeKok
Sent: 29 April 2013 15:35
stefan.pae...@diamond.ac.uk wrote:
> However, when you go to the bottom of the output, where the request for user
> 'steve' (who is a valid user, and for whom a correct password was supplied)
> is sent, the request fails. The session for 'steve' is partial and stops
> prematurely, which leads me
Hello,
if (Huntgroup-Name == 'one_huntgroup_name') {
update reply {
attribute1 := "%{sql:SELECT blah blah}
attribute2 := "%{sql:SELECT blah blah}
attribute3 := "%{sql:SELECT blah blah}
attribute4 := "%{sql:SELECT blah blah}
}
}
The thing is, I d
I think you misunderstanding my point a bit. Maybe I don't express it clear
enough.
I only need fixing my *source port* instead of random port, I don't care IP
address at all.
Actually, due to some maintenance issue, we want to know that could we fix our
arc port while our freeRADIUS AS A ROAM
Mehdi Ravanbakhsh wrote:
> first one that is not huge that is one NAS in local network . and i
> have just 4 question in general and in all of them i read , test and try
> by any document that be available for freeradius first.
>
> but if my question nuisance you , i apologize for that .
Don'
Hi,
> The thing I want to be added by radius in the reply :
> if (Huntgroup-Name == 'one_huntgroup_name') {
>Attribute1 op1 value1
>Attribute2 op2 value2
>...
>Attributei opi valuei
> }
> Given that Attribute,op,value 1...i are in the MySQL table.
> if (Huntgroup-Name == 'one_hun
For the step 4, I have to :
1) Retrieve the huntgroup
2) Compare it with what the user sends
3) If it matches, give him his specific statement.
So, if I understand correctly in the authorize section, I have to
maintain a radipusers table for my IP/users and do something like :
1)
update request
dear A.L.M.Buxe
first one that is not huge that is one NAS in local network . and i have
just 4 question in general and in all of them i read , test and try by any
document that be available for freeradius first.
but if my question nuisance you , i apologize for that .
On Mon, Apr 29, 2013
hi,
are you one person or a while team? looking through my emails you have asked
multiple
questins every day. thsi seems like a big project you are tackling here but
using the
users mailing list for all your help/advice. thats abuse.
alan
-
List info/subscribe/unsubscribe? See http://www.freer
Hi Alll
i need to Grab request password to insert in database if
Cleartext-Password is "import" so i write this unlang script in
authenticate section :
Auth-Type PAP {
pap {
reject = 1
}
if (reject) {
if ("%{control:Cleartext-Password}"=
Alan,
The user 'bob' does not exist, so FreeRADIUS does the correct thing (i.e.
rejecting the user). This has not been in doubt at all.
However, when you go to the bottom of the output, where the request for user
'steve' (who is a valid user, and for whom a correct password was supplied) is
s
stefan.pae...@diamond.ac.uk wrote:
> We're trying to put together an EAP-TTLS authentication solution with another
> open-source authentication server (Jasig CAS). We've found that only the
> first authentication process succeeds, but everything else after fails. In
> order for us to pinpoint wh
FreeRadius List wrote:
> I use redundant-load-balance for ldap user auth to authenticate users to
> a pool of active directory servers for one service. That seems to work well.
Because the LDAP module maintains a long-lived connection to the LDAP
server.
> I'm trying to think why I don't do tha
Okis Chuang wrote:
> Yeah…Actually I almost k knew it that I cannot achieve this hope
> while seeing the document.
Huh? You *can* set the source IP address. Go read the proxy.conf
file. This is documented. In great detail. Including *how* to do it.
If your proxy.conf doesn't have
ramakrishna wrote:
> I have not used any of the 1.x versions of freeradius. However I have
> used 2.1.12 initially and finally migrated to 2.2. Could you please
> lemme know how to trace any incompatibilities if any between the two
> versions?
My point was that's hard to do. Instead, ensure you
Hi,
We're trying to put together an EAP-TTLS authentication solution with another
open-source authentication server (Jasig CAS). We've found that only the first
authentication process succeeds, but everything else after fails. In order for
us to pinpoint whether this is a problem in the CAS so
Hello
I use redundant-load-balance for ldap user auth to authenticate users to a
pool of active directory servers for one service. That seems to work well.
I'm trying to think why I don't do that for ntlmauth (used inside mschap
inner-tunnel) for another other service.
I've knocked that up to te
On Mon, Apr 29, 2013 at 5:02 PM, ramakrishna
wrote:
> Also please find the attached file which has only memory access errors which
> are leading to dump finally. Could you please suggest some way to get rid of
> those errors?
Have you tried installing on a fresh solaris box, or using prebuilt
pac
I have found the solution just add this group membership filter in
/etc/raddb/modules/ldap file.
groupmembership_filter =
"(&(objectcategory=group)(member:1.2.840.113556.1.4.1941:=%{control:Ldap-UserDn}))"
From: tche...@hotmail.com
To: freeradius-users@lists.freeradius.org
Subject: authentificat
Hi Alan,
Thanks for your suggestions.
I have not used any of the 1.x versions of freeradius. However I have used
2.1.12 initially and finally migrated to 2.2. Could you please lemme know
how to trace any incompatibilities if any between the two versions?
Also please find the attached file which
Hi,
>i test it , but if i use Cisco-AVPair[0] and Cisco-AVPair[1] first one
>and second one is not working.
you need to check which attribute is which.
>Do i need to to move them in some variable then use regular exertion
>?(soothing like this) :
>
>value0 := %{Cisco-AVP
Hi,
>I am just wondering if I can use freeradius for hotspot and dial up
>accounts on same box or does it have to be separate box for hotspot and
>dial up accounts?
that would depend on how you configured it and had each function isolated when
not needing same resources etc. we use ou
Dear Olivier
thanks for your information
On Mon, Apr 29, 2013 at 11:36 AM, Olivier Beytrison
wrote:
> On 28.04.2013 23:30, Mehdi Ravanbakhsh wrote:
> > DearOlivier
> >
> > I am try to test it but why first one is working ?!!! do you check my
> > regular expression in second one ? i do it co
On 28.04.2013 23:30, Mehdi Ravanbakhsh wrote:
> DearOlivier
>
> I am try to test it but why first one is working ?!!! do you check my
> regular expression in second one ? i do it correctly ?
I'm quoting the man page.
man unlang :
%{Attribute-Name[index]}
Reference the N'th occurance of the
34 matches
Mail list logo