Alan,
You've reminded me of a question I've been meaning to ask.
Your previous answer gives an example using the unlang regex syntax, including
the case-insensitive operator at the end. But I was hoping to find an elegant
way to do case-insensitive matching in proxy.conf, where the comments
@lists.freeradius.org]
On Behalf Of Alan DeKok
Sent: Friday, July 12, 2013 3:19 AM
To: FreeRadius users mailing list
Subject: Re: Loading fails without reporting an error
Lovaas,Steven wrote:
Thanks, Adam... this got me looking at the right thing.
I had a mismatch between the type
AM
To: FreeRadius users mailing list
Subject: Re: Loading fails without reporting an error
On 11 Jul 2013, at 08:40, Alan DeKok al...@deployingradius.com wrote:
Lovaas,Steven wrote:
Hmm... it looks like there's a problem with the file. It doesn't
stop, it *exits*.
See doc/bugs
Hello again,
I've successfully gotten to the point where local authentication is working
well for all modes, using multiple SSIDs through two virtual servers, so I felt
confident jumping into the less familiar world of proxying. Not that the
concept is hard to understand, it's just always
Hello everyone,
I’m trying to bring up a fresh instance using 2.2.0, rather than just cloning
old 1.x configs as has been done in previous upgrades. In building a new Ubuntu
server, I grabbed the latest available build of samba (3.6.3); I’ve read that a
version of at least version 3.5.4 is
Simon
Sent: Monday, July 08, 2013 8:44 AM
To: FreeRadius users mailing list
Subject: Re: MS-CHAP2 fails - samba version?
Am 08.07.2013 16:30, schrieb Phil Mayers:
On 08/07/13 14:59, Lovaas,Steven wrote:
Exec-Program output: Reading winbind reply failed! (0xc001)
Check the permissions
Kriston,
You'll find that Alan and the rest of the volunteers who maintain the code base
and the mailing list can be remarkably friendly and helpful, IFF the questions
come from a place of obviously having read the documentation and tried the
suggested process first.
Snarkiness happens, but
Very well... I don't use a SQL database for users, but it occurs to me that
Arran's only slightly tongue-in-cheeck comment about lonely curly braces might
have convinced you to look at whether all the characters in your sql_user_name
string are being properly escaped or quoted. Since 7B is the
You're right, it was an unusually quiet night... but you're coming through loud
and clear, Alan.
Steve
-Original Message-
From: freeradius-users-bounces+steven.lovaas=colostate@lists.freeradius.org
[mailto:freeradius-users-bounces+steven.lovaas=colostate@lists.freeradius.org]
As a matter of fact, this very setup saved my bacon this week. I had to get
into an older Windows7 laptop, and while my domain account was a member of the
admins group, I hadn't logged on since before my most recent password change
(so it had my old password cached). AND the wired settings were
Matthew,
PAP is an authentication protocol. ASCII is a letter-encoding scheme. Neither
one is an encryption protocol. Passing ASCII over PAP is called clear text...
Steve
From: freeradius-users-bounces+steven.lovaas=colostate@lists.freeradius.org
My first guess, after reading your debug, is that your web server is not
passing a cleartext password along with the authentication request. That would
give the WARNING in your output, and would also explain why the User-Password
seen in the Access-Request packet doesn't look like the one in
Fantastic!
Thanks so much for all your work, Alan... and to the others who contributed
their time to this as well.
Steve Lovaas
-Original Message-
From: freeradius-users-bounces+steven.lovaas=colostate@lists.freeradius.org
Rather than deal with the never-ending tail-chasing between samba and
Microsoft, I've decided to move toward using FreeRadius as a proxy for the
Windows radius implementation (formerly IAS, now called NPS). I haven't
completed the change, so I'm sorry that I can't tell you how easy it is... but
Sorry, I didn't share enough context for my answer to make sense. We'll only be
proxying our wireless (802.11i) auth to NPS (PEAP/MSChapv2). The rest of our
tasks (VPN, NAC, guest, etc.) still auth differently, and they can continue as
we've always done them, while having a consistent address
Hello - I'm new to the list, because I've encountered a question I can't find
the answer to in the wiki or the archives.
We've had a stable Freeradius implementation for several years, and we love it!
Authentication decisions are being made on a group of linux servers; some
locally, some
16 matches
Mail list logo