I have a freeradius box (version 1.1.0) with the following (working) group
lookup.. On updating to 1.1.6 it appears the
%{Stripped-User-Name:-%{User-Name}} part is broken.. I see in cvs there is
an update to head, "radiusd/src/main/xlat.c (1.115): make ':-' work again".. I
have not had luck tr
In part of my ldap config section, I obtain the gid with an ldap lookup,
then use my ${gid} variable in the groupmembership_filter. Up until
recently I had simply been using %{User-Name}, but now have the need to
use the check for Stripped-User-Name before using User-Name. That works in
everywh
We have 25,053,381 in our MySQL radacct table.
On Mon, 22 Nov 2004, Alexander Serkin wrote:
Hello,
how many records in radacct table do you manage to keep, guys?
I see that radius stops working properly after about 15 accounting
records in Oracle (9.2.0.4) database or ~3 in PostgreSQL 7.4.6
comes from the nas, NAS-IP-Address is an IP.
On Tue, 27 Jul 2004, Alan DeKok wrote:
Mike Sturdee <[EMAIL PROTECTED]> wrote:
I am trying to use sql for the Simultaneous-Use check. I am seeing that
the NAS-IP-Address is being resolved in some places, and used as IP in
others. (I am thinking it
I am trying to use sql for the Simultaneous-Use check. I am seeing that
the NAS-IP-Address is being resolved in some places, and used as IP in
others. (I am thinking it should stay IP regardless).
Here's how it goes:
-SQL query for UserName with AccountSessionTime of 0.
|--Rows returned
-Run ch
I just happen to have such a script.. it's based of something I found a
year or so back, and modified quite a bit. It does the job for me. Unless
you use USR/3com/name_of_the_week Total Control, you'll probably need to
do some modifications.
On Fri, 9 Jul 2004, Stephan von Krawczynski wrote:
He
how about setting up 2 ldap modules?
ldap people {
...
}
ldap students {
...
}
Not sure if this would do it, just a suggestion.
On Wed, 7 Jul 2004, Alexander M. Pravking wrote:
On Wed, Jul 07, 2004 at 09:00:00PM +0200, Arthur EBEL wrote:
Hi everybody,
My freeradius operate very well
Is it possible to have mysql accounting log the query statement (yes i
know this part is possible) but NOT connect to the sql server? I need to
take the mysql box down for maint and was thinking this would be the best
possible way to not lose any records.
-Mike
-
List info/subscribe/unsubscrib
What is the best way to append '@realm' to a username before the log entry
is made in radius.log?
Thanks
-Mike
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I have radius set up to log accounting to a MySQL database. It currently
holds a couple years worth of logging from several thousand users, so it's
quite large.. Problem I'm having is if I do a select that will return a
couple hundred entries, or anything other than the simplest of queries,
radius
Alan,
It works as I want it.
Thanks!
-Mike
On Wed, 28 Jan 2004, Alan DeKok wrote:
> Mike Sturdee <[EMAIL PROTECTED]> wrote:
> > I am doing:
> >
> > # match number ending in 123
> > DEFAULT Called-Station-Id =~ "^.*123$"
>
> You don&#
I am doing:
# match number ending in 123
DEFAULT Called-Station-Id =~ "^.*123$"
Realm = "realm1"
# otherwise make it realm2
DEFAULT
Realm = "realm2"
And _ALL_ are being assigned "realm1"
-Mike
On Tue, 27 Jan 2004, Alan DeKok wrote:
I am trying to set the Realm attribute based on the Called-Station-Id.
Doesn't look to work in users (not done soon enough). Does the hints file
support regex comparisons? I am needing the realm set before radiusd
reaches the authentication / authorization modules.
thanks
-Mike
-
List info/subs
Has anything come of this yet?
On Wed, 14 Jan 2004, Alan DeKok wrote:
> Chris Parker <[EMAIL PROTECTED]> wrote:
> > > I'm open to suggestions for what to do with the "authorize" section
> > >and Autz-Type. I don't want to break older configurations, so that's
> > >a bit of a constraint.
> >
>
users that dial into a number ending in 195 get the correct Auth-Type &
Autz-Type, as do other calls that need to auth off of LDAP1. Problem is,
when I have the LDAP2 instances in authorize {} authenticate {}, users
authing off of LDAP1 do not get the correct group attributes per the group
lookup i
15 matches
Mail list logo
