Hello,
I would like to default reject users who have a / or \ in their
username. Often users will misconfigure their machines and Windows will send
the host\username, which will never be a valid login here.
Where is the best place to do this? I have tried to put this in the users
file, but I may
Apologies for reviving an old thread, but we have a response from RIM
regarding this issue.
The problem is with the version of OpenSSL on phone models 9360, 9380, and
9790.
For full details, see: http://blackberry.com/btsc/kb29914
The workaround reads Turn off secure renegotiation on the
FreeRadius has been stable for about a month, up until yesterday, and I have
not changed the configuration of the server. I began seeing segmentation
faults as seen below:
#grep radiusd /var/log/messages
Jan 30 15:53:03 radius1 kernel: radiusd[14764]: segfault at 70 ip
7fb9d4ba81ed sp
Hello,
After upgrading to FreeRadius version 2.1.11 on RHEL6, I am seeing the
following in radius.log right before the process terminates:
Wed Sep 28 11:16:12 2011 : Error: Child PID 30242 is taking too much time:
forcing failure and killing child.
Wed Sep 28 11:16:12 2011 : Error: Child PID
Hi Alan,
Thanks for your fast response.
By server, do you mean FreeRadius or the back end?
Dave
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/2-1-11-inexplicable-crash-tp4849607p4849700.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List
Not enough. The log saying database and you saying server doesn't help me
either.
This single server uses different databases depending on the request.
Currently ldap, AD and flat files. Nothing has changed except the version
I'm using.
Dave
--
View this message in context:
The solution was to reduce the amount of logging and add another CPU to the
VM.
Thanks.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/2-1-11-inexplicable-crash-tp4849607p4850387.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List
Hello,
I have a perfectly working environment on a dev machine with FR 2.1.10-5 and
very odd things are happening when I try and copy the configs to the
production machine running the same version.
The *ONLY* change I made on the prod version is in proxy.conf
realm test.myrealdomain.com {
}
Ive already set Auth-Type := LDAP by putting it in the users file.
As for the rest, I have what you suggest...
authenticate {
Auth-Type LDAP {
ldap.netid
}
Dave
--
View this message in context:
I've tried a few more things and still no luck...
Please help!
Best,
Dave
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/LDAP-Authentication-bind-as-user-issue-tp4786621p4792772.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List
This is exactly what I want, from the docs:
If the administrator wishes to use rlm_ldap only for
authentication or does not wish to populate the identity,password
configuration attributes he can set this attribute by other means and
avoid the ldap search completely. For instance it can be set
Thank you for the response, but I'd rather not do it that way.
The documentation suggests that what I want is possible, and it would be
ideal for this situation.
Any more ideas?
Many thanks,
Dave
--
View this message in context:
I am trying to use a Proxy-To-Realm condition to differentiate between portal
VPN logins and SSH'ing into the VPN itself. This is the request I can see
for a VPN Portal Auth:
User-Name = bob
User-Password = bob
NAS-Port = 65536
Called-Station-Id = 1.1.1.1
Calling-Station-Id = 2.2.2.2
Alan DeKok wrote:
Proxying. Set up a minimal virtual server that proxies to others.
Okay, this makes sense, but I am still unclear as to where to make the
differentiation between NAS-Port-Types.
What I envision is something like:
If (NAS-Port-Type == Virtual ) {
Home_server =
That looks great, thanks!
Last question...
Phil Mayers wrote:
authorize {
...
That is the authorize section from /sites-enabled/default, correct?
Thanks again,
Dave
--
View this message in context:
Hello,
I am looking for some guidance on configuring clients that will send
requests with different NAS-Port-Type’s.
Devices: HP Procurve, Cisco, Aruba wireless controllers
Possible NAS-Port-Types: Ethernet, Virtual, Wireless, Async
Ex., for an HP procurve switch, the possibilities will be:
1.
16 matches
Mail list logo