I understand that it is possible to have Freeradius execute a script when a
user authenticate. What I want to do is to be able to pass that user name and
the client's ip address to the script. This is my setup, I have freeradius
with mysql setup.
radgroupreply table:
I understand that it is possible to have Freeradius execute a script when a
user authenticate. What I want to do is to be able to pass that user name and
the client's ip address to the script. This is my setup, I have freeradius
with mysql setup.
radgroupreply table:
Hi,
I have Freeradius setup to authenticate user off mysql database. I was able to
set Freeradius to execute a script base on what group a user is in.
ex.
usergroup table:
usernamegroupname
Jdoetestprogram
radgroupreply table:
Groupnameatrributeopvalue
testprogram
Can we send radius log to a syslog? If so, how can I
accomplish this. I am using the latest freeradius
version..
I try changing logdir=syslog but not successful...
Thanks in advance..
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best
Hi all,
How do you prevent a user from authenticating after
three unsucessful attempts in freeradius. I am
currently having this issue where a mac adress is
constantly trying to authenticate after getting login
incorrect. Any help is appreciated.. Thanks in
advance ...
Hi,
I have clients constantly trying to authenticate off
of freeradius after being rejected. How do I set
freeradius to deny or timeout a user from
authenticating after three attempts? This is
authenticating off mysql database . I am not exactly
sure if the change is in sql.conf or
Hi,
Is there a way to kill a user connection? I did some
reading and I came across radkill. Can you use
radkill with radius? If you can, where can you
download ?
Thanks in advance ...
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best
Ok, so how do you set freeradius to do a
case-insensitive match? I have AB:CD:EF::: in mysql
and when a user authenticate with ab:cd:ef::: ,
radius reply with login incorect... Thanks in advance
--- Alan DeKok [EMAIL PROTECTED] wrote:
fvt3 [EMAIL PROTECTED] wrote:
How do you convert
I was able to strip the domain portion of it by having
radius execute an external script. Here is what I
have in radius to execute the external script..
ldapldap_ldap1 {
server =
identity =
password =
#basedn =
Is there a session log in freeradius? I want to find
out who logged on and how much time they have until
there session is timeout. Is there such a thing?
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
Hi,
I am trying to strip off some information in the
username. I have domain\\username and I have a script
to strip domain\\ and return the username. After
executing the script it returns the username but
radius_xlat adds a space right after the user name.
How do I get rid of that space. Any
Hi,
I have a question on configuring freeradius to return
vlan attributes base on a user group membership or ou.
I have a windows client xp sp2 using peap mschap2 to
authenticate off radius. How do I set radius to
return a vlan id of 10 if the user belongs to the
student group and if the user
Are you suggesting that do not use MSCHAP module and
use ldap module to do group lookup? If you using LDAP
module, that would mean stripping the user name
because the user name will be in this format
domain\\username. Then in radius config file I
would have
ldap student {
}
ldap staff {
}
. Am I getting this error because the
groupmembership filter is incorrect? Anyone knows
what the problem is?
--- fvt3 [EMAIL PROTECTED] wrote:
Hi,
How do I assign vlan base on authentication method.
Say if user is authenticated from ldap1 assign
vlan1,
if user is authenticated from ldap2
Hi,
How do I assign vlan base on authentication method.
Say if user is authenticated from ldap1 assign vlan1,
if user is authenticated from ldap2 assign vlan2. How
do I configure radius to do this?
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has
Hi, I am trying to setup Freedius to have multiple
ldap authentication. I want to authenticate off
ldap1, then ldap2 then mysql. If authentication fail
in ldap1, then go to ldap2. Ldap1(ldap) and
ldap2(AD). Here is my configuration
Modules {
ldap ldap1 {
}
ldap ldap2{
}
}
instantiate{
ldap1
--- Alan DeKok [EMAIL PROTECTED] wrote:
fvt3 [EMAIL PROTECTED] wrote:
Hi, I am trying to setup Freedius to have multiple
ldap authentication. I want to authenticate off
ldap1, then ldap2 then mysql.
No, you don't. For one, MySQL doesn't do
authentication. Neither
does LDAP
reject user password) then
go to ldap2 for lookup..
--- Terry J Fike Jr [EMAIL PROTECTED] wrote:
Message: 6
Date: Fri, 16 Jun 2006 09:44:29 -0700 (PDT)
From: fvt3 [EMAIL PROTECTED]
Subject: Re: Two Ldaps Authentication
To: FreeRadius users mailing list
freeradius-users
Hi,
Is it possible to authenticate off of one ldap server
and/or off another ldap server. I have multiple ldap
servers that freeradius server needs to authenticate
off. If it is possible, how can I accomplish this? thanks...
__
Do You Yahoo!?
Hi,
I have questions concerning authentication method. Is
it possible to force radius to authenticate off of
ldap AND also from a local database? Example, say a
user is connected to radius, first his user
id/password will be authenticated against ldap and if
the supplied credential is correct,
Is it possible to configure freeradius to authenticate
off from active directory, ldap and mysql? I am
looking to configure freeradius to hit active
directory to see if user exist, if not hit ldap and
mysql database for authentication. Since we can set
it to hit ldap then mysql, I think it is
Not sure which table to add == to the op field ??
--- Alan DeKok [EMAIL PROTECTED] wrote:
fvt3 [EMAIL PROTECTED] wrote:
Anyone know what it is and how to resolve it ?
Add a value in the op field, like the error
messages suggest?
Alan DeKok.
-
List info/subscribe/unsubscribe
Hi,
I'm getting this error in my log,
Error: rlm_sql: The 'op' field for attribute 'password
= ' is NULL, or non-existent.
Wed Mar 29 11:43:34 2006 : Error: rlm_sql: You MUST
FIX THIS if you want the configuration to behave as
you expect.
Wed Mar 29 11:43:39 2006 : Error: Invalid operator for
What if you run freeradius with ssl enable, is it
still going to show the authenticating user's password
while connecting to LDAP in debug mode or in log file?
--- Alan DeKok [EMAIL PROTECTED] wrote:
fvt3 [EMAIL PROTECTED] wrote:
How do you hide password that is sent to LDAP so
Hi,
I'm pretty new to freeradius and need some help. In
Freeradius, when a request is made can you used the
supplied userid and password to authenticate off from
LDAP and if the user does not exist in LDAP can force
it to authenticate off from the local database? If
this is possible, can you
25 matches
Mail list logo