Thanks Ivan :)
I agree its not a perl issue but still something to correct. Organization
select naming schemes for their employees and now those that begin with r
would be denied access.
How can I assist to correct this issue for those cases with /r
Thanks
This is nothing to do with perl.
to help
On Mon, Sep 22, 2008 at 11:42 AM, Alan DeKok [EMAIL PROTECTED]wrote:
Charlie B wrote:
Hi Alan, it is lc'ing it, however it is also moving the r from the
beginning of the username to the end of the username, which is what Im
trying to stop
I think it's a bug in the code. Please
Awesome, can you tell where to find the freeradius-utils-2.1.1?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Actually for Fedora/Redhat and yes it would contain radtest and now upgraded
to radmin but I'm looking for the package, I looked to build the rpm from
freeradius-server-2.1.1.tar.gz but was unable to for the utils, so thought I
would ask to see were I could grab them
I'm guessing that the
Thanks Alan,
I have the git master tar file, do you recommend I do a git diff to try and
find the differences or how best to proceed to narrow down the issue.
Thanks
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Alan,
Where can I find tarball for freeradius-server-2.1.1? I'm going the rpm
build so I can run the test. I didnt' see it on the ftp site.
thx
Please BUILD and RUN the server to see if the recent changes fixed it.
Wandering through the source code won't help unless you know what
Hello Ivan,
How do I get it to spit it out after the change?
I can get it prior to:
rlm_perl: RAD_REQUEST: NAS-Port-Type = Ethernet
rlm_perl: RAD_REQUEST: Service-Type = Framed-User
rlm_perl: RAD_REQUEST: Calling-Station-Id = 00-15-C5-02-39-99
rlm_perl: RAD_REQUEST: Called-Station-Id =
Hello Alan,
I changed the script, as per your indication to return MODULE_UPDATED rather
than OK and get the following:
rlm_perl: Added pair NAS-Port-Type = Ethernet
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Calling-Station-Id = 00-15-C5-02-39-99
rlm_perl: Added pair
but its not altering (apart from LC'ing it) - as your other
post shows.
Hi Alan, it is lc'ing it, however it is also moving the r from the
beginning of the username to the end of the username, which is what Im
trying to stop
-
List info/subscribe/unsubscribe? See
Post the full debug for a radtest request with uppercase username. That
logging function should go before you work with attributes. debug
already logs what comes after.
Hello Ivan,
Here is the debug using radtest
radtest RadUser [EMAIL PROTECTED] localhost 10 testing123
FreeRADIUS Version
Hi Alan,
I run the same config (as previous post) which works as you indicated (and
Ivan) with radtest however when I use a windows client this is what I
get and the rearrangement of the username
rad_recv: Access-Request packet from host 10.0.1.9 port 1645, id=203,
length=139
Hi Alan,
Did you want me to compare with git tree for 2.1 or with my current version
2.0.5? thx
I think it's a bug in the code. Please try the current git tree. See
git.freeradius.org for instructions on grabbing a tar file if you
don't have git.
Alan DeKok.
-
List
Nobody :( have any tidbits to help me isolate this, obviously its not the
perl script but what is altering the username.
Thanks
-- Forwarded message --
From: Charlie B [EMAIL PROTECTED]
Date: Thu, Sep 18, 2008 at 10:52 AM
Subject: rlm-perl lc usernames
To: freeradius-users
Hello,
Anyone can help me with this perl script (at bottom) which seem to be
causing more than a simple lc, it seems to move the first character to the
end...
rlm_perl: Added pair User-Name = *\\raduser
rlm_perl: Added pair EAP-Message = 0x02020011014e494e545c52616455736572
rlm_perl: Added
Hello Thomas,
Can we take this and start from scratch or walk thru it? Let me know (send
me an email) as we can walk thru offline if you like
We are running Fedora 9 32bit and 64bit with freeradius 2.0.5
eap-peap-mschapv2
eap-ttls-mschapv2
eap-ttls-pap
against LDAP (AD) with group filtering
Hello Jason,
Did you get this worked out?
Alan has a great readme that details how to generate your certificate
request, then simply get your WinCA to sign it, copy it over and if required
convert to pem from the csr/base64
Let me know if you need anything more...
-
List
Sep 15 01:07:58 rad1 kernel: radiusd[26743] general protection ip:44216fc
sp:b57fe040 error:0 in libcrypto.so.0.9.8g[4398000+137000]
Sep 17 08:18:21 rad1 kernel: radiusd[536] general protection ip:44216fc
sp:b75f5040 error:0 in libcrypto.so.0.9.8g[4398000+137000]
Help, any idea what is going on
Thanks Allan,
I appreciate it, unfortunately no update to openssl to see if that rectifies
the issue, just implemented monit to ensure service is always running.
Thanks again!
On Wed, Sep 17, 2008 at 9:12 AM, Alan DeKok [EMAIL PROTECTED]wrote:
Charlie B wrote:
Sep 15 01:07:58 rad1 kernel
We are running Fedora 9, dual NIC (one shutdown) right now and everything
works great except for AD usercase issues. Did you simply disable your
secondary NIC watch the traffic stream?
On Wed, Sep 17, 2008 at 2:04 PM, Casartello, Thomas
[EMAIL PROTECTED]wrote:
Ok this is very bizarre. It
Hello,
I just wanted to ask how you guys are dealing with the seemingly case
sensitive nature of AD 2003 (Pre-Windows 2000 Username) with radius?
Are you guys using a different attribute instead of sAMAccount or a module
to lowercase/initial caps the username?
Running:
Hello Everyone,
So in my world we have been able to diagnose that the authentication issue
is related to the username case (only difference in Radius) and I have not
found anything other than a statement in an old post from Alan about AD
being case sensitive with usernames? Is there any
Just me again,
User has reset there password the usual way however we are still getting
fail login. Anyone with an idea or what I can provide to help solve this
puzzle? Thx
Thu May 1 09:07:33 2008 : Auth: Login incorrect: [brebberm/no
User-Password attribute] (from client 10.0.1.12 port 60035
Hello Sergio,
We find (depending on the version of vista) that the bubble doesn't appear
however you can have the user enter there information within the profile
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
Looks like the kerberos was only a piece to the puzzle. When a user enters
the 14 day period prior to being required to change password, windows XP is
changing the password of the user in some way that deauthenticates the user.
any ideas?
-
List info/subscribe/unsubscribe? See
Hello Mr. DeKok,
I wanted to say thank you, FreeRadius is the best, there is not better when
it comes to radius.
On to topic, I believe we have found the issue. It may be related to
kerberos tickets and krb5.conf file were I had the realm in lower case.
Found documentation that indicated it
Thanks Alan,
I'm really surprised at this issue. Something like this really puts me on
the spot to have to bring up an IAS in order to deal with the password
issue. I hate windoze but I though more than a handful of us would be
running into this issue since I see there are a lot of freeradius +
Hi Phil,
You are dead on with what is going on however this is occurring when the
user enters the 14 days prior to being required to change their password,
and even when the user themselves are prompted to change.
Just so its clear.
When user enters two week prior to being required to change
Has no one else experienced this issue where reset password confuses WinXP?
I really don't want to use IAS. Anyone ideas?
Thanks
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello everyone,
We have setup FreeRadius w/ Active Direcotry using LDAP and ntlm as per the
wiki and everything is working great save one item of concern.
When our users are needing to reset their password or have reset their
password ntlm fails
I'm pretty certain that this is not a freeradius
.
2008/4/7 Ivan Kalik [EMAIL PROTECTED]:
Wrong key:
http://support.microsoft.com/kb/823731
Ivan Kalik
Kalik Informatika ISP
Dana 8/4/2008, Charlie B [EMAIL PROTECTED] piše:
Hello everyone,
We have setup FreeRadius w/ Active Direcotry using LDAP and ntlm as per
the
wiki and everything
I guess I should add that this is a wired connection, not that this should
change too much.
Thank you again!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Sorry Alan, didn't mean to be antagonistic. Your were dead on about the solution.thx
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
and sending this to Active directory which is turing around and saying incorrect password. In all the examples I can find on the password sent is in clear test, so then why in my example is it encrypted? How do I undo this?
On 7/20/06, Alan DeKok [EMAIL PROTECTED] wrote:
Charlie B [EMAIL PROTECTED] wrote
Question: What is causing the password to be encrypted? It is not the password entered.radtest bradbrookc putz041277! localhost 0 xxxrad_recv: Access-Request packet from host
127.0.0.1:32806, id=152, length=62 User-Name = bradbrookc User-Password =
34 matches
Mail list logo