wait each other
> to finish while the CPU stays unused and you'll avoid this annoying message
> in your logs. A sure sing that something like that is going on is the
> Acct-Delay-Time parameter with values greater than 0 - that is for
> accounting not sure for auth etc. Anyways i
sed and you'll avoid this annoying message in your logs. A sure
sing that something like that is going on is the Acct-Delay-Time
parameter with values greater than 0 - that is for accounting not sure
for auth etc. Anyways if the values of that parameter are high (they
are in seconds I t
hi, in another day I posted this same error ' Error: Discarding duplicate
request from client '
and the answer was 'your database is slow'
so I upgrade my server with more memory, and changed servers variables...
but, i'm still having this problem
and I dont know what
Коньков Евгений wrote:
> rm -f .libs/radiusdS.c .libs/radiusd.nm .libs/radiusd.nmS .libs/radiusd.nmT
> cc .libs/radiusdS.o -pthread -o .libs/radiusd .libs/acct.o .libs/auth.o
> .libs/client.o .libs/conffile.o .libs/crypt.o .libs/exec.o .libs/files.o
> .libs/listen.o .libs/log.o .libs/mainconfig.o
ce to `lt__PROGRAM__LTX_preloaded_symbols'
gmake[4]: *** [radiusd] Error 1
gmake[4]: Leaving directory
`/usr/ports/net/freeradius2/work/freeradius-server-2.1.7/src/main'
gmake[3]: *** [common] Error 2
gmake[3]: Leaving directory
`/usr/ports/net/freeradius2/work/freeradius-server-2.1.7/src'
gmake[2]: ***
Gökhan ORHON wrote:
> Help, again message here,
>
> Note: I test Cisco Secure ACS, no problem. But freeradius not release pool
> ips. Thank you.
You have been very careful to *not* follow the instructions in the
FAQ. You have been very careful to *not* pay attention to the responses
on this l
> Note: I test Cisco Secure ACS, no problem. But freeradius not release pool
> ips. Thank you.
Because it will not release IPs without notification that user is offline
(accounting stop packet). If you want limited lifespan of assigned IP
address don't use ippool - use dhcp.
Ivan Kalik
-
List in
and radius not give ip to POS.
> I manualy remove
>
> this rlm_ippool_tool -r command and Radius give IP to POS.
>
> I look Radius -Xx command,
>
> i see on the log file error : rlm_ippool: No available ip addresses in
> pool.
>
> Q1: How release IP on the db.ippool
> I know. But cant control many pos or devices power down directly. How db
> pool release active ip. I use rlm tool In the crontab every 30 minutes.
> But I think wrong way. Can you give for active session on the db ippool
> time out value or any way?
>
> Or different configuration.
>
> Note: this
, and disconnect, ippool not free
> ip on the db.
>
> I look
>
> rlm_ippool_tool -avc db.ippool db.ipindex
>
> ip's still here. Many times db file is full and radius not give ip to POS.
> I manualy remove
>
> this rlm_ippool_tool -r command and Radius give IP to
5:13 PM
To: FreeRadius users mailing list
Subject: Re: Freeradius db.ippool is FULL Error : rlm_ippool: No available ip
addresses in pool.
G๖khan ORHON wrote:
Hello,
I have a big problem please HELP.
I newbee for Radius,
I am use freeradius 2.x on the Suse 11.1. (Vmware ESXi 3.5)
I use
o POS.
?
I look Radius -Xx command,
?
i see on the log file error : rlm_ippool: No available
ip addresses in pool.
?
Q1: How release IP on the db.ippool file auto? or any
disconnection timeout value?
?
Note: I use crontab now, but is this true way?
Thank you.
?
look
rlm_ippool_tool -avc db.ippool db.ipindex
ip's still here. Many times db file is full and radius not give ip to POS. I
manualy remove
this rlm_ippool_tool -r command and Radius give IP to POS.
I look Radius -Xx command,
i see on the log file error : rlm_ippool: No available ip address
uot; I get the
error "ld: fatal: file .libs/sql_mysql.o: wrong ELF class: ELFCLASS32"
Version: FreeRADIUS 2.1.7
Host SUN Sparc Netra-210
OS: Solaris2.10
MySQL Pkg: mysql-5.0.88-solaris10-sparc-64bit.pkg.gz
Where can I find the 64 bit libraries? I thought I had them but
apparently I don&#
Hi all!
I want to install FreeRADIUS 2.1.7, but while running "make" I get the
error "ld: fatal: file .libs/sql_mysql.o: wrong ELF class: ELFCLASS32"
Version: FreeRADIUS 2.1.7
Host SUN Sparc Netra-210
OS: Solaris2.10
MySQL Pkg: mysql-5.0.88-solaris10-sparc-64bit.pkg.gz
Whe
"Alex Bahoor" writes:
> I'm curios, I loaded a fully blown about 5 gig OS, why did it not come with
> all that is needed?
Because all *everyone* is going to need is considerably more than that.
E.g., if you are going to download a complete Debian stable for amd64,
that's now 6 DVD images with c
Alan,
I googled one error, I got about 300 RPMs. Please take a look at the
attachment of the error log, and kindly, let me know what libraries I should
use to what Linux. I'm using suse 11.0 novell enterprise server.
Rgrds,
Alex
-Original Message-
From: freeradius-users-bo
s-bounces+alexbahoor=sbcglobal@lists.freeradius.o
rg] On Behalf Of Alan Buxey
Sent: Thursday, December 03, 2009 1:22 AM
To: FreeRadius users mailing list
Subject: Re: Error in Installing Freeradius
Hi,
> I'm trying to install freeradius (Version 2.1.7.: tar.bz2), on
> suse_sles-11-
Yagnesh Dave wrote:
> I am getting this error while trying to run the freeradius, pls help me
> to get this resolved.
>
> The error is,
>
> radiusd: Instantiating modules
> instantiate {
> /usr/local/etc/raddb/modules/exec[24]: Invalid version in module 'rl
Hi Everybody,
I am getting this error while trying to run the freeradius, pls help me to get
this resolved.
The error is,
radiusd: Instantiating modules
instantiate {
/usr/local/etc/raddb/modules/exec[24]: Invalid version in module 'rlm_exec'
Errors initializing modules
Hi,
> I'm trying to install freeradius (Version 2.1.7.: tar.bz2), on
> suse_sles-11-0-0.001 and following the procedure below, I ran into the
> following errors:
> Sh: apxs2-prefork: command not found
> Error: failed build dependencies:
> Db-dvel is needed by freeradius-se
Hi,
I'm trying to install freeradius (Version 2.1.7.: tar.bz2), on
suse_sles-11-0-0.001 and following the procedure below, I ran into the
following errors:
Sh: apxs2-prefork: command not found
Error: failed build dependencies:
Db-dvel is needed by freeradius-server-2.1.7-0.i586
And the list
that the readme say.
Well I tried to runt the bootstrap command and got an error saying that it has
problems making the Cert Request.
Here down below is the output from the bootstrap command.
How do I fix this, have I done something that I shouldnt have done?
Best regards/ Peter Carlstedt
r
Hi,
> Hi,
>
> Thanks for the quick answer. I removed nohup.out and its not throwing that
> error. But now it is throwing this error. It would be great if you can point
> out the solution.
did you build FreeRADIUS from source yourself? if so, you built it without
mysql support
Hi,
Thanks for the quick answer. I removed nohup.out and its not throwing that
error. But now it is throwing this error. It would be great if you can point
out the solution.
###
bash-3.00# tail nohup.out
simul_verify_query = "S
not start and was giving this error as given below,
> ###
> including configuration file /usr/local/etc/raddb/sites-enabled/default
> including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
> including con
On Mon, Nov 30, 2009 at 09:20:32AM -, Yagnesh Dave wrote:
> including configuration file /usr/local/etc/raddb/sites-enabled/nohup.out
> /usr/local/etc/raddb/sites-enabled/nohup.out[1]: Expecting section start
> brace '{' after "FreeRADIUS Version"
> Errors reading /usr/local/etc/raddb/radiusd.
Hi Everyone,
I was trying to set-up mysql for logging the accounting logs for the users. I
followed the instruction on http://www.frontios.com/freeradius.html and also on
http://wiki.freeradius.org/SQL_HOWTO. The I tried to run the FreeRadius server.
It did not start and was giving this error
>>
>> Ivan, could you post an excerpt from debug where he is telling me that?
>>
> rad_recv: Access-Request packet from host 10.0.0.1 port 21645, id=210,
> length=81
> NAS-IP-Address = 10.0.0.1
> NAS-Port = 1
> NAS-Port-Type = Virtual
> User-Name = "recover"
>
Ivan, could you post an excerpt from debug where he is telling me that?
No. It's your machine, not mine. You post the debug and we will tell you
which password store is used.
Ivan Kalik
You bet! Here it is.
server1:~# freeradius -X
FreeRADIUS Version 2.0.4, for host x86_64-pc-linux-gnu,
> Ivan, could you post an excerpt from debug where he is telling me that?
No. It's your machine, not mine. You post the debug and we will tell you
which password store is used.
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ivan, could you post an excerpt from debug where he is telling me that?
--
Wagner Pereira
PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
f...@rnp 1015-8902
t...@kalik.net escreveu:
And my que
> And my questions are: How can I be sure where freeradius is
> authenticating in? /passwd or users file ?
Debug will tell you. Why have them both enabled if you want just one?
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ivan, the thing is:
At the freeradius side I have:
clients.conf file
client 10.0.0.1 {
secret = teste123
shortname = cisco6500
nastype = cisco
}
users file
user Cleartext-Password := "teste123"
Service-Type = NAS-Prompt-User
> But actually I'm worried if anything else is wrong in my configuration.
> So, I just figure out where is. Maybe in my aaa model at Cisco router.
Since you got to accounting - authentication must be working. What is
there to worry about?
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://
e São Paulo
http://www.pop-sp.rnp.br
f...@rnp 1015-8902
t...@kalik.net escreveu:
That is the message logged in my radius.log :
Fri Nov 27 11:52:13 2009 : Error: rlm_radutmp: Logout for NAS cisco6500
port 0, but no Login record
Accounting start packet got lost. Or your NAS is sending same
> That is the message logged in my radius.log :
>
> Fri Nov 27 11:52:13 2009 : Error: rlm_radutmp: Logout for NAS cisco6500
> port 0, but no Login record
Accounting start packet got lost. Or your NAS is sending same port number
for all users.
Ivan Kalik
-
List info/subscribe/unsu
Hi, folks.
I'm trying to authenticate in a freeradius server, installed on a Debian
5.0 lenny x86_64. The freeradius version is 2.0.4
That is the message logged in my radius.log :
Fri Nov 27 11:52:13 2009 : Error: rlm_radutmp: Logout for NAS cisco6500
port 0, but no Login record
A
All,
We are running Freeradius 2.1.7, some of our clients aren't properly
configured, and we sometimes see errors like this in /var/log/radius.log:
Mon Nov 2 16:23:04 2009 : Error: TLS Alert read:fatal:unknown CA
Mon Nov 2 16:23:04 2009 : Error: TLS_accept:failed in SSLv3 read
c
> Subject: RE: Ldap search and AD operations error
>
> Leighton,
>
> Try using ldapsearch in verbose mode (and debug mode) to get
> more info from AD.
>
> ldapsearch -v -h -D "cn= dc=ad,
> dc=hud, dc=ac, dc=uk" -w -x -b "dc=ad, dc=hud,
> dc
thanks for the information,
i tougth that was a error beacause I never got this message
thank you
2009/10/13 Alan Buxey
> Hi,
> > i get this message
> >
> > Info: rlm_sql (sql): received Acct On/Off packet
>
> ??? your FR server received an accounting packet and
>
Hi,
> i get this message
>
> Info: rlm_sql (sql): received Acct On/Off packet
??? your FR server received an accounting packet and
your system is configured to use sql in the accounting
section - whats the error?
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius
i get this message
Info: rlm_sql (sql): received Acct On/Off packet
--
Att.
Alisson F. Gonçalves
Sistemas de Informação - UFGD
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Rihad,
> > Take your NAS, and throw it in the garbage. Buy a real NAS that
> > implements RADIUS.
> >
> Oh yeah? Isn't Cisco 7260 good enough for you?
Hmmm ... A few months ago I was working on a project with a Cisco 72XX
terminating PPoE connections from DSL modems. I was using custom SQL cod
Hi,
> finishing a request in my auth/acct Perl scripts, meaning each request
> would take at least 1 second to process, freeradius shouldn't care! It
okay...you have a daemon listening on port 1812 ... how many threads
or radiusd processes are you running - because , for example, if you have
rihad wrote:
> Ivan Kalik wrote:
>> Exactly. The only problem being your inability to comprehend that
>> freeradius is not faulty but it is your perl script that can't cope.
> Why do you not understand that even if I put "sleep 1" right before
> finishing a request in my auth/acct Perl scripts, mea
Ivan Kalik wrote:
Being 100% correct protocol-wise means nothing, if the software can't
fit well into an environment.
Exactly. The only problem being your inability to comprehend that
freeradius is not faulty but it is your perl script that can't cope.
Why do you not understand that even if I p
> Being 100% correct protocol-wise means nothing, if the software can't
> fit well into an environment.
Exactly. The only problem being your inability to comprehend that
freeradius is not faulty but it is your perl script that can't cope. If
you are unwilling to alter it in order to speed things u
rihad wrote:
> Being 100% correct protocol-wise means nothing, if the software can't
> fit well into an environment.
So you agree that the NAS is broken.
> Just a recent example off the top of my
> head: dnscache. Its security and DNS protocol support are astonishing.
> But due to it being unab
Alan DeKok wrote:
rihad wrote:
Oh yeah? Isn't Cisco 7260 good enough for you?
Q: Hi, I have a RADIUS server that is slower than a 386, and a NAS that
violates the RADIUS protocol. What should I do?
A: Fix the server and the NAS.
Q: You bastards! How dare you tell me my equipment is br
rihad wrote:
> Oh yeah? Isn't Cisco 7260 good enough for you?
Q: Hi, I have a RADIUS server that is slower than a 386, and a NAS that
violates the RADIUS protocol. What should I do?
A: Fix the server and the NAS.
Q: You bastards! How dare you tell me my equipment is broken!
While this
Alan DeKok wrote:
rihad wrote:
Trying for the third time:
Do you have any intention of reading the messages here?
there are many, many requests of the
"Discarding conflicting packet" kind, which for one reason or another
are dupped by our Cisco NASes in under one second (see the code). And
rihad wrote:
> Trying for the third time:
Do you have any intention of reading the messages here?
> there are many, many requests of the
> "Discarding conflicting packet" kind, which for one reason or another
> are dupped by our Cisco NASes in under one second (see the code). And
> there are ma
Ivan Kalik wrote:
Our radius-server timeout is high enough: 4 minutes. Once again: I
suppose that what freeradius thinks of as "Received conflicting packet
..." are rather a bit delayed packets normally treated as "Discarding
conflicting packet ...", i.e. they arrive at freeradius in maybe 1.01+
>>> Our radius-server timeout is high enough: 4 minutes. Once again: I
>>> suppose that what freeradius thinks of as "Received conflicting packet
>>> ..." are rather a bit delayed packets normally treated as "Discarding
>>> conflicting packet ...", i.e. they arrive at freeradius in maybe 1.01+
>>>
Alan Buxey wrote:
Hi,
Our radius-server timeout is high enough: 4 minutes. Once again: I
suppose that what freeradius thinks of as "Received conflicting packet
..." are rather a bit delayed packets normally treated as "Discarding
conflicting packet ...", i.e. they arrive at freeradius in m
Hi,
> Our radius-server timeout is high enough: 4 minutes. Once again: I
> suppose that what freeradius thinks of as "Received conflicting packet
> ..." are rather a bit delayed packets normally treated as "Discarding
> conflicting packet ...", i.e. they arrive at freeradius in maybe 1.01+
Ivan Kalik wrote:
That is, not many (if any) of our "Receved ..." lines are due to what
could be considered a NAS timeout, and they should be treated like
"Discarding ...", that is, the new request should be dropped.
No, NAS qouldn't wait on your script to finish so it gave up and has tried
ag
;> "Fixing" FreeRADIUS to spend more time processing useless requests
>> will only make the problem worse.
>>
>>> Please look at the line marked with ^^^ - it's where the error is
>>> logged
>>> and the current request is aborted, unless it w
rihad wrote:
> Absurd. The Dell PowerEdge 2950 w/ 2 quad-cores cannot itself without
> human intervention survive the "NAS attack" exactly due to having to
> give up on hundreds of requests per second
Your dual quad-core box can't handle hundreds of packets a second?
Wow... your Perl script i
arding ...", that is, the new request should be dropped.
"Fixing" FreeRADIUS to spend more time processing useless requests
will only make the problem worse.
Please look at the line marked with ^^^ - it's where the error is logged
and the current request is aborted, unless it was
rihad wrote:
> Sometimes when there are too many requests from a NAS, like right after
> rebooting it and thus breaking current sessions, etc., freeradius 2.1.3
> under FreeBSD begins loggin many many lines like this after the NAS
> re-sends unanswered packets:
>
> Error: Re
Hi, all,
Sometimes when there are too many requests from a NAS, like right after
rebooting it and thus breaking current sessions, etc., freeradius 2.1.3
under FreeBSD begins loggin many many lines like this after the NAS
re-sends unanswered packets:
Error: Received conflicting packet from
-
> bounces+tim.sylvester=networkradius@lists.freeradius.org
> [mailto:freeradius-users-
> bounces+tim.sylvester=networkradius@lists.freeradius.org] On Behalf
> Of Leighton Man
> Sent: Tuesday, October 06, 2009 8:50 AM
> To: 'FreeRadius users mailing list'
> Su
was successful
> rlm_ldap: performing search in dc=ad, dc=hud, dc=ac, dc=uk, with filter
> (sAMAccountName=mytestusername)
> rlm_ldap: ldap_search() failed: Operations error
> rlm_ldap::ldap_groupcmp: search failed
That's bad.
> Has anyone got latest information on what caus
ersion 2.1.6 on Solaris doing lookups against Active Directory.
I get, in the debug:
rlm_ldap: Bind was successful
rlm_ldap: performing search in dc=ad, dc=hud, dc=ac, dc=uk, with filter
(sAMAccountName=mytestusername)
rlm_ldap: ldap_search() failed: Operations error
rlm_ldap::ldap_groupcmp: sea
Hello Ivan,
On Tue, Sep 29, 2009 at 3:14 AM, Ivan Kalik wrote:
>
> Try using buffered-sql virtual server to separate accounting from
> authentication. At busy time accounting will lag behind but it will catch
> up when rush passes.
Noted. I will check this out then.
Thank you.
Regards,
Muffin
Hello Alan,
On Tue, Sep 29, 2009 at 12:35 AM, Alan DeKok wrote:
>
> What does that mean? You kick all of the users off, and then allow
> them back on?
Just bypass the router and the RADIUS servers to go straight to the Internet.
> Well... if the MySQL server can't handle the traffic, no amou
Hello Alan,
On Mon, Sep 28, 2009 at 11:24 PM, Alan Buxey wrote:
>
> are you doing authentication and accounting via MySQL? did you perform
> a benchmark of the RADIUS server + MySQL (eg with dumb temp accounts)
> to check what the loading could be? in my experience, authentication can
> be done
> Basically, the number of subscribers increased. If we do a maintenance
> window where we swing back and forth the traffic to the router, all
> the subscribers will hit the router which eventually push all the
> RADIUS Requests to the RADIUS server in one shot and on which the
> MySQL backend is c
muffin sk wrote:
> Basically, the number of subscribers increased. If we do a maintenance
> window where we swing back and forth the traffic to the router,
What does that mean? You kick all of the users off, and then allow
them back on?
> all
> the subscribers will hit the router which eventua
Hi,
> Retry Count is the maximum number of times that the router retransmits
> a RADIUS packet to the RADIUS server. In this case, this has been
> increased from 3 times to 10 times.
>
> Timeout is the interval (in seconds) before the router retransmits a
> RADIUS packet to the RADIUS server. In
Hello Alan and all,
On Mon, Sep 28, 2009 at 10:30 PM, Alan Buxey wrote:
>
> so the router now hits the RADIUS 10 times insteda of 3
> but has more casuallnes in timeout
Basically:
Retry Count is the maximum number of times that the router retransmits
a RADIUS packet to the RADIUS server. In thi
Hi,
> Previously, this has been working smoothly. Then we changed some
> configurations on the following devices which currently we are now
too many changes made at the same time.
> - Retry Count from 3 to 10
> - Timeout from 3 to 10
so the router now hits the RADIUS 10 times insteda of 3
but h
Hello Alan and all,
On Mon, Sep 28, 2009 at 6:43 PM, Alan Buxey wrote:
>
>
> this sort of message means that the child process is taking
> ages to do what is asked of it. in this case, its accounting and
> the accounting config is trying to run some external executable which
> is taking a while t
> I am continuously getting this error message on my
> /var/log/radius/radius.log file:
>
> Mon Sep 28 18:26:55 2009 : Error: WARNING: Unresponsive child (id
> 1094719808) for request 24026 (in component accounting module
> rlm_exec)
Your perl script isn't working.
Ivan
Hi,
> Hello all,
>
> I am continuously getting this error message on my
> /var/log/radius/radius.log file:
>
> Mon Sep 28 18:26:55 2009 : Error: WARNING: Unresponsive child (id
> 1094719808) for request 24026 (in component accounting module
> rlm_exec)
>
> In effe
Hello all,
I am continuously getting this error message on my
/var/log/radius/radius.log file:
Mon Sep 28 18:26:55 2009 : Error: WARNING: Unresponsive child (id
1094719808) for request 24026 (in component accounting module
rlm_exec)
In effect, I got a timeout on account start and stop which
09/24/2009 04:12 PM, wessam seleem::
Note that I changed my real password
and its encryption to secure my data.
By the way, As far as I know (And I might know nothing),
encryption _is_ because guessing the password from it's encrypted
hash is _not_ possible.
--
Architecte Informatique ch
> what I can see that Radius couldn't encrypt clear text password. For
> example
> when I send the password in clear text like "123456" it rejects me but
> when
> I send it encrypted like "&^%$%$%JGjgjg(&%%^njahjahs" I was able to login
> without any problems. Note that I changed my real password a
what I can see that Radius couldn't encrypt clear text password. For example
when I send the password in clear text like "123456" it rejects me but when
I send it encrypted like "&^%$%$%JGjgjg(&%%^njahjahs" I was able to login
without any problems. Note that I changed my real password and its
encry
wessam seleem wrote:
...
> [pap] login attempt with password "123456"
> [pap] Using clear text password "&^%$%$%JGjgjg(&%%^njahjahs"
Your shared secret is wrong. Fix it.
See the FAQ for more details.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.h
Thanks Ivan for your reply. Here is the ldap configuration section:
ldap {
server = "x.x.x.x"
identity = "cn=username"
password = password
basedn = "ou=email,o=data,c=eg"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
password_header = "{CRYPT}"
ldap_connections_number = 100
timeout = 15
tim
>I decided to install free radius 2.1.6-2 to test it and then to upgrade
> my existing versions in my servers. I configured my free radius to use
> ldap.
> When I tried to authenticate from the new radius it gave me the following
> message "from radius -X".
>
> Replacing User-Password in confi
Hi,
I decided to install free radius 2.1.6-2 to test it and then to upgrade
my existing versions in my servers. I configured my free radius to use ldap.
When I tried to authenticate from the new radius it gave me the following
message "from radius -X".
Replacing User-Password in config items w
> I have implemented Free Radius Server
> SUSE 9.3 Prof and using mysql database with Perle JETSTREAM 4000 RAS
> device. My problem is that when I try to connect a user through modem
> in windows XP client machine its occure a error 691 but radius log
&g
Dear freeradius-users,
I have implemented Free Radius Server
SUSE 9.3 Prof and using mysql database with Perle JETSTREAM 4000 RAS
device. My problem is that when I try to connect a user through modem
in windows XP client machine its occure a error 691 but radius
On Fri, 2009-08-28 at 11:51 +0100, Ivan Kalik wrote:
> > On Fri, 2009-08-28 at 11:26 +0100, Ivan Kalik wrote:
> 1. You are using 1.x queries in a 2.x server. Fix that.
> 2. That user was found as system user as well and unix module is enabled.
> You likely have different password in /etc/passwd.
On Fri, 2009-08-28 at 11:26 +0100, Ivan Kalik wrote:
>
> Remove forcing of Auth-Type Local. Let the server set the auth type.
That resulted in a different error message:
++[sql] returns ok
++[pap] returns updated
rad_check_password: Found Auth-Type
auth: type "PAP"
+
> I've been using FreeRadius for quite some time now, but after a recent
> update (to 2.0.4, debian lenny variant) all users in a certain group
> have stopped authenticating properly, with the above error -- even
> though as far as I can tell the password transmitted (and logged)
Hello,
I've been using FreeRadius for quite some time now, but after a recent
update (to 2.0.4, debian lenny variant) all users in a certain group
have stopped authenticating properly, with the above error -- even
though as far as I can tell the password transmitted (and logged) is
identic
> Also any ideas as to how I may insert the variable from perl would be
> nice.
Read rlm_perl documentation.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
, 2009 11:03 AM
To: FreeRadius users mailing list
Subject: Re: LDAP MSCHAP error
Larry Ross wrote:
> LOL, K. Just found it interesting that with so little data you were able to
> devine our schema. The problem here is our LDAP tree will not or cannot
> change (political reasons... L
: FreeRadius users mailing list
Subject: Re: LDAP MSCHAP error
Larry Ross wrote:
> LOL, K. Just found it interesting that with so little data you were able to
> devine our schema. The problem here is our LDAP tree will not or cannot
> change (political reasons... Long story sucks for me, bu
Larry Ross wrote:
> LOL, K. Just found it interesting that with so little data you were able to
> devine our schema. The problem here is our LDAP tree will not or cannot
> change (political reasons... Long story sucks for me, but as they say wish in
> one hand and poop in the other, get back t
iling list
Subject: Re: LDAP MSCHAP error
Larry Ross wrote:
> Hmm interesting, how were you able to divine that that is how we are storing
> the has values...
C programming 101.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List inf
I don't want to receive any email form freeradius-users@lists.freeradius.org .
plss
--- On Fri, 8/21/09, Alan DeKok wrote:
From: Alan DeKok
Subject: Re: LDAP MSCHAP error
To: "FreeRadius users mailing list"
Date: Friday, August 21, 2009, 11:35 PM
Larry Ross wrote:
> Hm
Larry Ross wrote:
> Hmm interesting, how were you able to divine that that is how we are storing
> the has values...
C programming 101.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Sent: Thursday, August 20, 2009 11:59 PM
To: FreeRadius users mailing list
Subject: Re: LDAP MSCHAP error
Larry Ross wrote:
> It appears though that there may be a bug in the string copy function of
> the rlm_ldap function (or whatever is responsible for copying the
> attributes from LDAP
Larry Ross wrote:
> It appears though that there may be a bug in the string copy function of
> the rlm_ldap function (or whatever is responsible for copying the
> attributes from LDAP to Server core for MSCHAP challenge compare) We
> noticed the truncation upon "00" and "3d" in the NT-Password ha
901 - 1000 of 2904 matches
Mail list logo
