Hi Guys, we are trying to get Free Radius to authenticate our users who
connect through a Cisco Small Business POE switch.
When testing authentication with a shutdown / no shutdown command on
port fa/17 which has an IP phone connected to it we receive the
following errors:
FREE
Hi Guys, we are trying to get Free Radius to authenticate our users who
connect through a Cisco Small Business POE switch.
When testing authentication with a shutdown / no shutdown command on
port fa/17 which has an IP phone connected to it we receive the
following errors:
FREE
Thank you Alan I will pursue that line of inquiry further.
On 9/23/2013 8:18 PM, Alan DeKok wrote:
Daniel Baker wrote:
[ldap] performing search in dc=citlao,dc=local, with filter (uid=root)
[ldap] object not found
[ldap] search failed
What part of that is unclear?
What can I try
The FTP masters just accepted the new freeradius-client package, it
should be available to install now using apt-get
I've opened a bug request for removal of the radiusclient-ng package
from the Debian archive
On 19/07/13 19:25, Daniel Pocock wrote:
On 15/07/13 23:21, Daniel Pocock wrote
On 20/07/13 14:56, Alan DeKok wrote:
Daniel Pocock wrote:
Should this code be shared with the client project freeradius-client?
No. The freeradius-client code is pretty bad.
Or is it preferred to build a new client (or shared library) from the
freeradius-server repository eventually
On 15/07/13 23:21, Daniel Pocock wrote:
On 15/07/13 21:51, Alan DeKok wrote:
Daniel Pocock wrote:
I just opened this report against radiusclient-ng in Debian (see below),
can anybody else comment on the situation, in particular, for
compatibility? Is there any urgency for Debian
On 15/07/13 21:53, Alan DeKok wrote:
Daniel Pocock wrote:
Can anybody comment on which client code should be used for long
extended attributes?
I see that the freeradius-client project predates RFC 6929.
By a LONG ways.
There's no client code for the extended attributes. The RFC
repository but it appears that the client code is not in github
Also, is anybody aware of C++ wrappers for this code or a C++ alternative?
Original Message
Subject:radiusclient-ng in Debian
Date: Mon, 15 Jul 2013 14:41:54 +0200
From: Daniel Pocock dan...@pocock.com.au
Can anybody comment on which client code should be used for long
extended attributes?
I see that the freeradius-client project predates RFC 6929.
Is there any module in the server project that provides a good example
of using these long values from requests?
-
List
On 15/07/13 21:51, Alan DeKok wrote:
Daniel Pocock wrote:
I just opened this report against radiusclient-ng in Debian (see below),
can anybody else comment on the situation, in particular, for
compatibility? Is there any urgency for Debian to update to the new
client code?
It has
that STUN/TURN may need it's now module in
FreeRADIUS.
Regards,
Daniel
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks for replying and sorry if I'm being vague, I'll try and be more specific.
On Tue, Oct 23, 2012 at 10:59 AM, Phil Mayers p.may...@imperial.ac.uk wrote:
On 10/22/2012 09:13 AM, Daniel Ekman wrote:
Hi list,
I have a fairly large user base doing WPA2-enterprise from various
OS'es
but that
only broke things like I read somewhere it would.
Thanks for reading :)
Daniel
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
for your response
Daniel
-Original Message-
From: freeradius-users-bounces+daniel=intelliworkspace@lists.freeradius.org
[mailto:freeradius-users-bounces+daniel=intelliworkspace@lists.freeradius.org]
On Behalf Of Alan DeKok
Sent: 14 September 2012 20:55
To: FreeRadius users mailing list
authenticated successfully
Now where do I go from here?
Thanks
Daniel
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-Essid-Name}))
- ldap:///cn=UserAccounts,dc=DE?cn?sub?((CommonName=Testuser(10)
Daniel)(allowedSSID=ssid-data))
|Debug: [ldap_WLAN_auth] ldap_get_conn: Checking Id: 0
|Debug: [ldap_WLAN_auth] ldap_get_conn: Got Id: 0
|Debug: [ldap_WLAN_auth] performing search in cn=UserAccounts,dc=DE
?
This should be enough for the clients to verify the server certificate.
--
Regards
Daniel Finger
smime.p7s
Description: S/MIME Kryptografische Unterschrift
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
, schrieb Alan DeKok:
Is it possible to change the behaviour that only the certs in the
certificate_file are used?
Use CA_path instead of CA_file. That might help.
It does indeed help. Thanks!
--
Regards
Daniel Finger
smime.p7s
Description: S/MIME Kryptografische Unterschrift
-
List
Fajar,
I had radutmp and SQL commented out in account {}.
I don't know why, a possible mistake.
After mark radutmp and restart freeradius I don't see new errors in log.
In the NAS (MikroTik) statistics sometimes have a few resends and timeouts,
it's normal?
Sds,
---
Daniel Menezes
whith mtop[1] too, no slow queries.
Thanks!
Sds,
---
Daniel Menezes
Links:
[1] http://mtop.sourceforge.net/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Alan,
If you know better than the RADIUS experts, why are you asking
questions on this list?
I don't know better than anyone, I'm simply asking to understand where I'm
lost.
Sorry if you feel bad with my questions ..
Sds,
---
Daniel Menezes
-
List info/subscribe/unsubscribe? See
for these tables.
https://github.com/alandekok/freeradius-server/blob/master/raddb/sql/mysql/s
chema.sql
Hmm, I get it now.
I'll change the engine and report the results.
Thanks.
Sds,
---
Daniel Menezes
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
, change the DB engine.
Tomorrow i'll write about.
Thanks.
Sds,
---
Daniel Menezes
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
backend, tables indexes and other things.
I've used the backend script 'mysqltuner.pl' to adjust the performance.
It's better now, but the warnings and erros persists.
Can anyone help me on this?
Thanks in advance.
Sds,
---
Daniel Menezes
-
List info/subscribe/unsubscribe? See http
, but it was very
useful.
Maybe I really need some customization to the backend, I'll think about it.
Thank you.
Sds,
---
Daniel Menezes
-Mensagem original-
De: freeradius-users-bounces+listas=dmnzs.com...@lists.freeradius.org
[mailto:freeradius-users-bounces+listas=dmnzs.com
] [debug] mod_deflate.c(615): [client
10.10.240.240] Zlib: Compressed 130 to 108 : URL /test/index.html
Any ideas?
Thanks again,
Daniel
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-Challenge packet from host 127.0.0.1 port 1812, id=150,
length=50
Reply-Message = Please Enter Code
State = 0x6368616c6c656e6765
Any assistance on this matter would be greatly appreciated!
Regards,
Daniel Abels
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
,
Daniel
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
requests? And if so, can I use a different server
section for EAP-TLS?
Thanks for help.
Best regards,
Daniel
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi all,
I am trying to change the key in the radutmp module from username to
calling-station-id. I have made the change in the radutmp file, but I try
freeradius -X the debug says that username = %{User-Name}.
I was expecting username= %{Calling-Station-Id}. Is this correct? Whatever I
put in
Hi Alan,
Whatever I change it to, it still prints out at debug, username =
%{User-Name}.
-Original Message-
From:
freeradius-users-bounces+daniel.hurran=bglobalmetering@lists.freeradius.org
[mailto:freeradius-users-bounces+daniel.hurran=bglobalmetering@lists.freeradius.org]
Fixed! I had:
key = %{Calling-Station-Id}
instead of:
username = %{Calling-Station-Id}
in:
/etc/freeradius/modules/radutmp
Many thanks.
-Original Message-
From:
freeradius-users-bounces+daniel.hurran=bglobalmetering@lists.freeradius.org
: Tue, 3 May 2011 20:56:12 +0100
From: Alexander Cloutera...@digriz.org.uk
Subject: Re: ldap server connection timeout
To:freeradius-users@lists.freeradius.org
Message-ID:s73698-k73@chipmunk.wormnet.eu
Daniel Davidsondani...@igb.uiuc.edu wrote:
My new wireless network tested great, but now
how to fix this ?
Try to uncomment the ntdomain line in the authorize section of site
configuration. This will split the realm (computer name) and login.
Maybe you'll also need to set the with_ntdomain_hack = yes in mschap
module configuration.
Daniel
-
List info/subscribe/unsubscribe? See
On 05/03/2011 05:00 AM, freeradius-users-requ...@lists.freeradius.org
wrote:
Daniel Davidson wrote:
My new wireless network tested great, but now that I have rolled it out
to the entire building, I get error messages like:
Mon May 2 15:15:06 2011 : Error: rlm_ldap: ldap_search
My new wireless network tested great, but now that I have rolled it out
to the entire building, I get error messages like:
Mon May 2 15:15:06 2011 : Error: rlm_ldap: ldap_search() failed: Timed
out while waiting for server to respond. Please increase the timeout.
And when these trigger,
this behaviour?
Have you installed the CA certificate on the phones?? You can check it
propably somewhere in Menu- Settings - Phone - Phone management -
Security - Certificates management.
For example in Nokia 5800 there are only VeriSign's CA certs installed
by default.
Daniel
-
List info
W dniu 2011-04-10 14:25, Zeus V Panchenko pisze:
Daniel Deptuła (daniel.dept...@gmail.com) [11.04.10 14:16] wrote:
...
the same device works fine (getting authorized well) via one AP in my
LAN and remote VPN, but receiving
...
Have you installed the CA certificate on the phones?? You can check
, or to not export
both of them (for security reasons as you said).
Thanks again,
Daniel.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/EAP-TTLS-Getting-the-EMSK-key-tp3354606p3356264.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe
key, but for some reason I cannot retrieve the
EMSK key.
What do I need to do? Would upgrading to a newer version of freeradius help?
Thanks,
Daniel.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/EAP-TTLS-Getting-the-EMSK-key-tp3354606p3354606.html
Sent from
Alan DeKok-2 wrote:
Daniel wrote:
I am new to radius and am using it in for a wimax based EAP TLS/TTLS
network.
Right now, I have freeradius 1.1.7 already installed and working.
It won't really work for WiMAX. You'll need 2.1.10, or maybe even the
most recent git master branch
Here it is installed :
radiusd: Loading Virtual Servers
server { # from file /usr/local/etc/raddb/radiusd.conf
And this is the error :
rad_recv: Access-Request packet from host 127.0.0.1 port 57115, id=255,
length=115
Service-Type = Framed-User
Framed-Protocol = PPP
If I want to upload schema.sql same bug as here:
http://www.mail-archive.com/freeradius-users@
lists.freeradius.org/msg61853.html
- Original Message -
From: Alan Buxey a.l.m.bu...@lboro.ac.uk
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Tuesday,
[mailto:freeradius-users-bounces+marius=mindspring.co...@lists.freeradius.org]
On Behalf Of Daniel Sandulescu
Sent: Tuesday, October 12, 2010 10:46 AM
To: FreeRadius users mailing list
Subject: Re: SQL query error; rejecting user
If I want to upload schema.sql same bug as here:
http://www.mail
Hello!
I got a erroarea following logging and do not know where to look.
Can someone ajunte me?
rad_recv: Access-Request packet from host 127.0.0.1:42096, id=227, length=116
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = phlander
CHAP-Challenge =
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Monday, October 11, 2010 3:21 PM
Subject: Re: SQL query error; rejecting user
Daniel Sandulescu wrote:
Hello!
I got a erroarea following logging and do not know where to look.
Can someone ajunte me?
It means you've edited
with timestamp +13
Ready to process requests.
- Original Message -
From: Alan DeKok al...@deployingradius.com
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Monday, October 11, 2010 4:44 PM
Subject: Re: SQL query error; rejecting user
Daniel Sandulescu
So I did, I deleted everything in / etc / raddb and I configuration, again
depending on the requirements there.
My question was, if I can see where misuse.
Sincerely,
Daniel
- Original Message -
From: Alan DeKok al...@deployingradius.com
To: FreeRadius users mailing list freeradius
Hi !
Login incorrect (rlm_chap: Clear text password not available):
[phlander/CHAP-Password]
Does anyone know where to change?
Tks!-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
.
- Original Message -
From: Alan DeKok al...@deployingradius.com
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Saturday, October 09, 2010 10:59 AM
Subject: Re: Clear text password not available
Daniel Sandulescu wrote:
Hi !
Login incorrect (rlm_chap: Clear text
Hello!
I got a following and do not know where erroare mistake.
cylon2:/etc/freeradius# radtest test-user test-pass 192.168.1.1 10 danieladmin
Sending Access-Request of id 198 to 192.168.1.1 port 1812
User-Name = test-user
User-Password = test-pass
NAS-IP-Address =
with timestamp 4cac0a6a
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 4 with timestamp 4cac0a6b
Nothing to do. Sleeping until we see a request.
--
Daniel Soto
Dep. Comunicaciones U.A.X
Daniel Soto
Dep
hi,
mi name is Daniel.
my problem is about simultaneous-use, i need use this attribute, but when i
try use it, only the last user logged apply this attribute.
i think the problem is radutmp, when i execute the radwho command i only can
see the last user logged.
is possible
I think it tells you in your debug what the problem is Gahn:
Found Auth-Type = Local
WARNING: Please update your configuration, and remove 'Auth-Type = Local'
--- On Sun, 19/9/10, gahn ipfr...@yahoo.com wrote:
From: gahn ipfr...@yahoo.com
Subject: still not working (newbie for radius)
To:
hi,
i hope someone can help me to understand this case.
from a nas cisco 1841 i send by pppoe a request to a freeradius Version 1.1.3.
the response ever is NAS-Port=0
--
rad_recv: Accounting-Request packet from host xx:1646, id=114,
length=168
I am migrating our system to freeradius2, I have a test environment that
works well on my fedora system that I am moving to a new server.
I can authenticate with the server perfectly if I start the server using
radiusd -X, however if I then cancel that and run it with the RHEL
startup script it
Nevermind, selinux was biting me in the rear again.
Dan
On Mon, 2010-08-23 at 15:33 -0500, Daniel Davidson wrote:
I am migrating our system to freeradius2, I have a test environment that
works well on my fedora system that I am moving to a new server.
I can authenticate with the server
ago) that I had the client (ie. Windows)
configured to try MS-CHAP and not PAP...
@ nf-vale:
nice detailed description on how to fix it, but I ended up using peter's
solution, as it seemed easier.
@ana dekok (inline comments):
Em 09-07-2010 11:23, Alan DeKok escreveu:
Daniel Gomes wrote
Wrong guess, i'ts OpenLDAP :)
Em 09-07-2010 13:04, Alan DeKok escreveu:
Daniel Gomes wrote:
From the logs, and as I wrote on my initial cry for help, I could see
that the password wasn't being found, I just couldn't puzzle out why...
And yes, the users do have passwords on LDAP (we are using
mentioned it, we are currently and successfully using it to
authenticate other services). The problem was really related to MS-CHAP,
and now that I changed to PAP, it all seems to be working fine...
Em 09-07-2010 13:35, Alan DeKok escreveu:
Daniel Gomes wrote:
Wrong guess, i'ts OpenLDAP
Em 09-07-2010 13:59, Alan DeKok escreveu:
Daniel Gomes wrote:
Well, as I mentioned (a couple of times now), the LDAP server was indeed
returning a password to FreeRADIUS, since radtest was always working
fine.
No, it wasn't returning a password to FreeRADIUS. Go *read* the debug
Em 09-07-2010 17:12, Alan DeKok escreveu:
Daniel Gomes wrote:
we are currently and successfully using it to
authenticate other services).\
Using PAP passwords.
Actually these application are probably just binding with the user's
credentials, but that's
configuration!
Thanks in advance,
Daniel Gomes
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
?
Dan
On Mon, 2010-06-14 at 15:05 -0500, Daniel Davidson wrote:
We have had a radius server running for years that we use to
authenticate our wireless users over wpa. It works flawlessly and
connections are authenticated as shown by the log below.
Mon Jun 14 14:57:40 2010 : Auth: Login OK
thanks i´ll try.
- Mensaje original -
De: John Dennis jden...@redhat.com
Para: FreeRadius users mailing list freeradius-users@lists.freeradius.org
CC: Daniel Soto daxo...@uax.es
Enviados: Viernes, 30 de Abril 2010 13:55:36
Asunto: Re: supplicant winxp+freeradius+ldap
On 04/30
sorry, didn´t include the log,
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
Config: including file: /etc/raddb/clients.conf
Config: including file: /etc/raddb/snmp.conf
Config: including file:
as I have read,
http://deployingradius.com/documents/protocols/compatibility.html , isn´t
possible authenticate users with peap (mschapv2) in ldap.
when we use EAP to authenticate in ldap, only EAP-TTLS (PAP) works.
- Mensaje original -
De: Daniel Soto daxo...@uax.es
hi.
i think that this problem is very similar to many people but i can´t find the
solution.
i´m trying authenticate users of windows with is own supplicant, when i try
authenticate in local users no problem, however the problem is when i try it
with openldap.
i received a
Use NTRadPing
http://packetlife.net/armory/ntradping/
2009/7/21 Ivan Kalik t...@kalik.net
need send to check values like calling-station-id ??
i use auth into ldap and account into mysql and works.. now need send
more
parameters like calling-stations-id or session-time.. how can i do
be perfect, I suggested that the Kalik.
Thank you.
Daniel Aparecido Martins Rosa
2009/7/15 Alan DeKok al...@deployingradius.com
Daniel Aparecido Martins Rosa wrote:
Hi All!
I need to register in a database when occurs simultaneous use. Currently
I stored by postauth_query through
Hi All!
I need to register in a database when occurs simultaneous use. Currently I
stored by postauth_query through the variable '% (reply: Packet-Type)', but
the message is generic, ranging from Access-Reject or Access-Accept.
When a connection occurs simultaneously, The freeradius stores the
principio Dios creo * desde la línea de comandos
Daniel Daza Muñoz
Responsable de programación.
Área de Comunicaciones. Servicio de Informática
y Comunicaciones. UNIVERSIDAD DE SEVILLA.
Campus de Reina Mercedes. Edificio Rojo. Despacho 3.26
Avenida de Reina Mercedes, s/n 41012 Sevilla ESPAÑA
KML
.
On Sun, Apr 5, 2009 at 10:24 PM, Alexander Clouter a...@digriz.org.ukwrote:
daniel knox m...@dknox.co.uk wrote:
Lol just actually read some stuff on WPA and learnt abit more about EAP.
I
realise now that TTLS does not require client certificates like I
previously
thought only
Okie, I've spent some of this weekend looking into this and some of the
files included in freeradius (havnt had a chance to play around testing it
though).
Am I right in guessing once i've configured the ldap group membership
filter, i include the unlang statement:
if (Ldap-Group == whatever) {
the
ability to access this. Although this may not be to difficult to distribute
to them I would have to look into these possible issues.
On Sun, Apr 5, 2009 at 9:35 PM, daniel knox m...@dknox.co.uk wrote:
Okie, I've spent some of this weekend looking into this and some of the
files included
Hello everyone, this is my first time getting started with freeradius.
I implement ICT at a local school and I would like to improve our wireless
from a WPA pre-share key to a radius based system. We have an openldap
server already with all our users and groups and use them to authticate them
.
I understood that there are 2 sessions opened. am I correct? If I am how can
I close these sessions?
And why does radtest work?
Thanks!
Sorry about my English.
Daniel Bojczuk
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
, sorry about my english.
Daniel
2009/2/3 SDamron sdam...@gmail.com
Looks like some kind of problem with your database. It clears when
you auth against the radtest, but when you try to use a user in the
database, it fails.
On Tue, Feb 3, 2009 at 6:45 PM, Daniel Bojczuk dan...@cirp.usp.br wrote
: rlm_sql_mysql: Starting connect to
MySQL server for #4
no error entry or anything else.
can anyone help me?
thanks daniel
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Does anyone have a FreeRADIUS server handing out dynamic VLANs based on
group membership in AD to a HP 2800 series switch that's configured for
802.1X?
How do I configure FreeRADIUS to read the AD group membership
attribute, and how do I then pass the matching VLAN-ID back to the
switch?
Daniel
Follow-up question (sorry I'm new this): I'm currently authenticating
users with FreeRadius against an AD database (PEAP-MS-CHAPv2). Would I
still have to use the ldap module to get a user's AD group membership?
Thanks,
Daniel
-Original Message-
From:
[EMAIL PROTECTED]
g
[mailto:[EMAIL
, or could it be that this switch doesn't
support this, and the normal behaviour should be that the switch
asks RADIUS to have access showing the machine credentials (MAC Address)!?
Tks in Adv.
Daniel
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
For some ready my accounting information isnt being written at all, even
though I cannot find a difference in the config file with another radius
server I am running. I have included what I believe to be the
appropriate parts or radiuxsd -x below. Seems like the
%{Client-IP-Address} directories
Thank you for the quick reply. I beat my head against it again, and
again. Then noticed the clients file. I got it working.
Alan DeKok wrote:
Daniel Durgin wrote:
I have search the archives and google, and there seems to be lots of
confusion on the subject: Requiring membership to and LDAP
Hello,
I have search the archives and google, and there seems to be lots of
confusion on the subject: Requiring membership to and LDAP group to
authenticate.
I can seem to get it to work. Notice the misspelling og the member:
dn: cn=radius_wifi,ou=Groups,dc=fu,dc=bar
cn: min_radius_wifi
Hi,
I need to use the attribute Expiration in the SQL tables. It is working
fine on this way:
+-+---++-++
|username | attribute | op |value| id |
+-+---++-++
|daniel | User-Password | == |daniel
Let me see if I understood.
Shold I stop using the rlm_slq and start using rlm_perl with my own
authentication script (using the freeradius' variables and functions, I
read something about it)??
Thanks
Daniel
2007/7/2, Krzysztof Olêdzki [EMAIL PROTECTED]:
On 2007-06-30 17:24, Daniel Bojczuk
Yes!!! You're right
Freeradius doesn't have permission to select the tables. Now it's working
fine.
Thanks
Daniel
2007/6/29, Pshem Kowalczyk [EMAIL PROTECTED]:
Hi,
You haven't pasted the whole log, but judging from the following lines:
Postgresql check_error: PGRES_FATAL_ERROR, returning
the
user once again.
Is it possible?
Thanks,
Daniel
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
on using freeradius, I don't know what I can do.
Thank you..
Daniel Bojczuk
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
connect to
MySQL server for #3
Thu Apr 19 19:07:24 2007 : Info: rlm_sql_mysql: Starting connect to
MySQL server for #4
Thu Apr 19 19:07:24 2007 : Info: Ready to process requests.
Segmentation fault
--- debug info ---
Does anyone have the same problem?
Thanks!
bye
Daniel
-
List info/subscribe
that radiusd crashes before
it writes the first debug message.
bye
Daniel
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von inverse
Gesendet: Freitag, 20. April 2007 10:36
An: FreeRadius users mailing list
Betreff: Re: server crashes with eap/tls
Has anyone had any luck compiling pam_radius_auth on ubuntu?
On Mon, 16 Apr 2007 15:13:49 +0200, Alan DeKok [EMAIL PROTECTED] wrote:
daniel wrote:
I am trying to set up unix authentication using radius.
Does the pam module support the maximum session times.
No, because PAM has
Alan,
Thankyou, how do I build the module with stack overflow checking turned off,
also what library do I need to link it to?
Regards,
Daniel Davis
On Mon, 16 Apr 2007 11:15:59 +0200, Alan DeKok [EMAIL PROTECTED] wrote:
daniel wrote:
Apr 15 22:03:51 bill sshd[7861]: PAM unable to
dlopen
,
Daniel Davis
On Mon, 16 Apr 2007 11:15:59 +0200, Alan DeKok [EMAIL PROTECTED] wrote:
daniel wrote:
Apr 15 22:03:51 bill sshd[7861]: PAM unable to
dlopen(/lib/security/pam_radius_auth.so)
Apr 15 22:03:51 bill sshd[7861]: PAM [dlerror:
/lib/security/pam_radius_auth.so: undefined symbol
:
__stack_chk_fail_local]
Apr 15 22:03:51 bill sshd[7861]: PAM adding faulty module:
/lib/security/pam_radius_auth.so
I am running pam_radius_auth 1.3.16 and freeradius 1.1.6 on Ubuntu
6.10
The pam_radius_auth module seems to be quite old, does anyone know
if it still works?
Regards,
Daniel Davis -
List
|
| radgroupreply|
| radpostauth |
| radreply |
| usergroup|
+--+
The table radcheck:
++--+---++---+
| id | UserName | Attribute | op | Value |
++--+---++---+
| 1 | daniel | Password | == | senha |
| 2
for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type System
auth: type System
ERROR: Unknown value specified for Auth-Type. Cannot perform requested
action.
auth: Failed to validate the user.
Login incorrect: [daniel] (from client testee port 0
It works!
Thank you for answering!
Daniel Bojczuk
Daniel Bojczuk wrote:
...
rlm_sql (sql): Released sql socket id: 4
modcall[authorize]: module sql returns ok for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type System
auth: type System
Dan Geist explained what it was I am trying to do. His suggestion is the
way I will look, to use a perl module to split the authentication.
Time for some ASCII Art (bad)
NAS --- FR
(this field passes the password via RADIUS/PAP, and is the securID
tokencode + kerberos pwd.)
( ex: user:jdoe
1 - 100 of 246 matches
Mail list logo