Hi.
Out of curiosity, which objects does the ldap module check for checkitems and
replyitems? Only the object that identifies the user and the object pointed to
by User-Profile?
I mapped a seeAlso attribute in ldap.attrmap but I don't see it being pulled
from a group object the user is matched
Right now we have freeradius configured so that EAP and non-EAP are handled by
separate virtual servers which are listening on separate virtual ports.
We'd like to simplify our configuration and use the same port for both. I've
looked through the documentation without much success.
Does anyone
Bruce Bauman wrote:
Right now we have freeradius configured so that EAP and non-EAP are
handled by separate virtual servers which are listening on separate
virtual ports.
Why?
We'd like to simplify our configuration and use the same port for both.
I've looked through the documentation
On 03/07/13 15:29, Bruce Bauman wrote:
Right now we have freeradius configured so that EAP and non-EAP are
handled by separate virtual servers which are listening on separate
virtual ports.
We'd like to simplify our configuration and use the same port for both.
I've looked through the
Hi Arran,
Could you tell me what is the reason why there are duplicated records in
radacct? NAS's configuration mistakes? Why AcctUniqueId is not a UNIQUE
INDEX by default? Is a bug?
Could I have any problem after execute this alter into the radacct table?
I hope your answer.
Best regards,
On 3 Jul 2013, at 15:50, Antonio Fernández Pérez
antoniofernan...@fabergames.com wrote:
Hi Arran,
Could you tell me what is the reason why there are duplicated records in
radacct? NAS's configuration mistakes? Why AcctUniqueId is not a UNIQUE INDEX
by default? Is a bug?
Should of been
I have reported you dozens of times as spam yet get several emails a day
from you. I am not a part of a technicians advice social net work site a
university campus tit bits on the delight of identifying gremlins on a
computer or discussion forum group on the intricacies of using a computer.
What
On 3 Jul 2013, at 16:07, RONAN BLANEY ikeavolkswa...@gmail.com wrote:
I have reported you dozens of times as spam yet get several emails a day from
you. I am not a part of a technicians advice social net work site a
university campus tit bits on the delight of identifying gremlins on a
Ok, thank you for your answer.
Best regards,
Antonio.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Júlíus Þór Bess Ríkharðsson wrote:
For some reason I cannot get Stripped-User-Name attribute to get
populated when using nostrip for a realm. Is this normal behaviour or am
I missing something?
That's how it works. If you don't strip the name, you don't get a
stripped name.
I need the
On 03/07/13 16:24, Júlíus Þór Bess Ríkharðsson wrote:
Hi,
For some reason I cannot get Stripped-User-Name attribute to get
populated when using nostrip for a realm. Is this normal behaviour or am
I missing something?
Normal. nostrip means don't populate Stripped-User-Name
I need the
Ok. I'll be firing up gdb and adding more logging. Before I did that I added a
post_proxy detail log to see what the proxy server saw in that phase and for
Access-Rejected packets they never get to the post_proxy section. Not sure if
that sheds any more light on this.
Anyway, so I know where
On 3 Jul 2013, at 17:19, Ti Leggett legg...@mcs.anl.gov wrote:
Ok. I'll be firing up gdb and adding more logging. Before I did that I added
a post_proxy detail log to see what the proxy server saw in that phase and
for Access-Rejected packets they never get to the post_proxy section. Not
Hi.
I had to create 3 instances for the ldap module. One is the default
ldap {
}
and then I got two named
ldap ldap-eduroam {
}
ldap ldap-netdefault {
}
I'm using the two named for doing attribute pulling in post-proxy.
Now my setup stopped working because suddenly ldap-eduroam was
On 03/07/13 17:34, Martin Kraus wrote:
Now my setup stopped working because suddenly ldap-eduroam was checking for
groups when matching Ldap-Group. I was under the impression that when not
specificed with ldap-eduroam-Ldap-Group the default ldap entry would be used.
No. Most recently
On 3 Jul 2013, at 17:34, Martin Kraus lists...@wujiman.net wrote:
Hi.
I had to create 3 instances for the ldap module. One is the default
ldap {
}
and then I got two named
ldap ldap-eduroam {
}
ldap ldap-netdefault {
}
That right there:
On 3 Jul 2013, at 17:47, Phil Mayers p.may...@imperial.ac.uk wrote:
On 03/07/13 17:34, Martin Kraus wrote:
Now my setup stopped working because suddenly ldap-eduroam was checking for
groups when matching Ldap-Group. I was under the impression that when not
specificed with
Hi,
We'd like to simplify our configuration and use the same port for both.
the default configuration does that
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Júlíus Þór Bess Ríkharðsson wrote:
Alan: The goal is to be able to use EAP and still be able to authorize user
using LDAP. The objects name is obviously not named realm\user.
Yes. Plenty of other people get this to work.
The behaviour is the same for EAP (just longer output :)), I don't
Ti Leggett wrote:
Ok. I'll be firing up gdb and adding more logging. Before I did that I added
a post_proxy detail log to see what the proxy server saw in that phase and
for Access-Rejected packets they never get to the post_proxy section.
I'm not sure how that happens. The proxy reply is
Hi,Thanks for your replies...I'm not sure why you say that my LDAP is not working because in the second debug output you can see that I find the object and use it's DN and also extract an attribute from the object. There is no known good password however because AD doesn't store clear-text
Júlíus Þór Bess Ríkharðsson wrote:
I'm not sure why you say that my LDAP is not working because in the
second debug output you can see that I find the object and use it's DN
and also extract an attribute from the object. There is no known good
password however because AD doesn't store
Can I know what brand of radius server you are going to use for EAP-SIM/AKA
? I am interesting on this
On Tue, Jul 2, 2013 at 3:51 PM, Phil Mayers p.may...@imperial.ac.uk wrote:
On 07/02/2013 07:56 AM, Ming-Ching Tiew wrote:
So this
Hello
Currently trying to implement a way to get the Ldap-Group used for checking
(within acct_users) into the Accounting-Request packet as the Class attribute..
I can get it to send a static variable just fine using; (I'm proxying the
account messages)
update request {
Class
24 matches
Mail list logo