DeKok
Envoyé : vendredi 12 juin 2009 13:28
À : FreeRadius users mailing list
Objet : Re: multiple radiusVSA in ldap.attrmap
François Mehault wrote:
> + in ldap.attrmap I add
>
> replyItem Cisco-AVPair
> radiusVSA
>
> replyItem Foundry-Privilege-Level
t constructor (foundry, cisco, fortinet ...). Or I have
to do a profil administratorCisco, administratorFoundry, ...
Thanks for your help in advance
Regards,
François Mehault
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
]
De la part de Alan DeKok
Envoyé : jeudi 11 juin 2009 14:54
À : FreeRadius users mailing list
Objet : Re: segmentation fault with group in huntgroups
François Mehault wrote:
> So I understand that fmehault is able to authenticate on the NAS
> 192.168.0.50. But I have a segmentation fault of
owto about huntgroups and
group, I am interested.
Regards,
François Mehault
Netplus Communication
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hum, now all works perfectly. My reply-item are present now, I will try now to
understand why it works. Thanks to Ivan Kalik for his help and all freeradius
project.
Ldap.attrmap:
[...]
checkItem Cleartext-Password userPassword
Users:
DEFAULT ldaplabobe2-Ldap-Group == admin
FYI http://wiki.freeradius.org/Cisco ,maybe it can help you
Regards,
François
-Message d'origine-
De : freeradius-users-bounces+francois.mehault=netplus...@lists.freeradius.org
[mailto:freeradius-users-bounces+francois.mehault=netplus...@lists.freeradius.org]
De la part de Alan DeKok
E
(following my last mail)
I read in my log:
No authenticate method (Auth-Type) configuration found for the request:
Rejecting the user
So in the user file I replace
DEFAULT ldaplabobe2-Ldap-Group == administrateur, User-Profile :=
"cn=administrateur,ou=Profiles,dc=netplus,dc=fr
Reply-M
Thanks for your responce, I read http://freeradius.org/radiusd/doc/rlm_ldap , I
am focus on section GROUP SUPPORT.
So I have two ldap module instances in raddb/modules/ldap :
ldap ldaplabobe2 { [...] }
ldap ldaplabobe1 { [...] }
I added the ldap module in the instantiate{} block in radiusd.conf
Hi all
I try to do a fail-over with two ldap on my freeradius. I read this article
http://wiki.freeradius.org/Fail-over, I instantiated two openldap modules and i
use the keyword redundant in my /raddb/site-available/default in authorize and
authenticate section.
redundant {
Pr
Hi
I think you have to do like this :
checkval checkNasPortId {
item-name = NAS-Port-Id
check-name = NAS-Port-Id
data-type = string
notfound-reject = yes
}
checkval checkNasPortType {
item-name = NAS-Port
Well, I read the documentation, but I don't succeed to fix my problem, and I
don't know if the solution is in this documentation:
I use the attribute redundant and we can read:
"
* redundant{...} and append{...} are just shortcuts. You could write
group {
sql1 {
reeradius-users-bounces+francois.mehault=netplus...@lists.freeradius.org]
De la part de François Mehault
Envoyé : vendredi 29 mai 2009 16:23
À : FreeRadius users mailing list
Objet : RE: 1 freeradius with 2 openldap (multi master)
Well, I fact I have two servers: A and B.
A has freeradius +
dundant, it works.
Someone has an idea ??
Thanks for your help,
Regards,
François
-Message d'origine-
De : freeradius-users-bounces+francois.mehault=netplus...@lists.freeradius.org
[mailto:freeradius-users-bounces+francois.mehault=netplus...@lists.freeradius.org]
De la part de
unces+francois.mehault=netplus...@lists.freeradius.org
[mailto:freeradius-users-bounces+francois.mehault=netplus...@lists.freeradius.org]
De la part de Alan DeKok
Envoyé : vendredi 29 mai 2009 15:10
À : FreeRadius users mailing list
Objet : Re: 1 freeradius with 2 openldap (multi master)
François Mehault wrote:
Hi All
I have one freeradius and 2 openldap (multi - master). And I want my freeradius
use the second openldap if the first crash. So in freeradius I instantiate the
module ldap :
Ldap ldapmaster {
[...]
}
Ldap ldapbackup {
[...]
}
And in my site-available/defa
d'origine-
De : Ivan Kalik [mailto:t...@kalik.net]
Envoyé : mardi 19 mai 2009 15:09
À : François Mehault
Objet : RE: check-item NAS-IP-ADdress & Calling-Station-ID with openldap
> Well, I am using checkval to check the attribute NAS-IP-Address, what I
> want : I have several us
= no
}
De : freeradius-users-bounces+francois.mehault=netplus...@lists.freeradius.org
[mailto:freeradius-users-bounces+francois.mehault=netplus...@lists.freeradius.org]
De la part de Nicolas Goutte
Envoyé : mardi 19 mai 2009 14:45
À : FreeRadius users mailing list
Objet : Re: communicatio
ht, if it's the good way to do what
I need, but I am a novice with freeRadisu and OpenLDAP.
-Message d'origine-
De : Ivan Kalik [mailto:t...@kalik.net]
Envoyé : mardi 19 mai 2009 13:46
À : François Mehault
Objet : RE: check-item NAS-IP-ADdress & Calling-Station-ID with openl
Hi,
I authenticate on cisco equipments via ssh/telnet. There is no supplicant, so I
don't understand in my case and i would like to know if the communication
between my cisco equipment and my FreeRadius safe is. I have a secret shared
between both. I understand that the communciation between f
Checkval with Calling-station-id works fine ! And I want to check also the IP
of the NAS to authenticate my user.
rlm_checkval: Item Name: Calling-Station-Id, Value: 192.168.0.80
rlm_checkval: Value Name: Calling-Station-Id, Value: 192.168.0.80
++[station-check] returns ok
>NAS-IP-Address can be
Hi,
I would like to know is there any radius client on fedora 10 ? pam_radius ?
other ?
Regards,
François
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Envoyé : mardi 12 mai 2009 11:36
À : FreeRadius users mailing list
Cc : François Mehault
Objet : Re: test
Am 12.05.2009 um 11:31 schrieb François Mehault:
De : François Mehault
Envoyé : mardi 12 mai 2009 11:27
À :
'freeradius-users@lists.freeradius.org<mailto:freeradi
Hi All,
I want to use FreeRadius to administer network equipement. I use also OpenLDAP
to stock information about users. FreeRADIUS and OpenLDAP are installed on the
same server FreeBSD 7.0.
I contact a Network equipement (like catalyst cisco 2950 v12.1) with putty
(ssh/telnet).
To resume :
W
De : François Mehault
Envoyé : mardi 12 mai 2009 11:27
À : 'freeradius-users@lists.freeradius.org'
Cc : François Mehault
Objet : RE: check-item NAS-IP-ADdress & Calling-Station-ID with openldap
Hi All,
I want to use FreeRadius to administer network equipement. I use also Open
Hi All,
I want to use FreeRadius to administer network equipement. I use also OpenLDAP
to stock information about users. FreeRADIUS and OpenLDAP are installed on the
same server FreeBSD 7.0.
I contact a Network equipement (like catalyst cisco 2950 v12.1) with putty
(ssh/telnet).
To resume :
W
Hi All
I have to install a FreeRADIUS to authenticate some users on network
equipement (like a Catalyst cisco). I just want to authenticate users on the
cisco switch, no vlan attribution ... So i conclude that I don't have to
install/configure supplicant on my computer (windows XP), the comput
26 matches
Mail list logo