Re: Checkval weird issue with LDAP backend and PAM authentication

2010-11-30 Thread John Dennis
On 11/30/2010 09:45 AM, John Dennis wrote: On 11/25/2010 04:24 PM, Marco Carcano wrote: Hi John thank you very much for the reply - I haven't noticed that exists a freeradius2 rpm package I tried, and after a lot of arrangement on the config files - freeradius2 splits a lot radiusd.conf - I go

Re: Checkval weird issue with LDAP backend and PAM authentication

2010-11-30 Thread John Dennis
On 11/25/2010 04:24 PM, Marco Carcano wrote: Hi John thank you very much for the reply - I haven't noticed that exists a freeradius2 rpm package I tried, and after a lot of arrangement on the config files - freeradius2 splits a lot radiusd.conf - I got it working but I have to point out this t

Re: Checkval weird issue with LDAP backend and PAM authentication SOLVED with unlang

2010-11-26 Thread Marco Carcano
Hi Alan got E V E R Y T H I N G working if ("%{ldap:ldap://127.0.0.1/CN=%{User- Name},OU=Users,DC=marcolinux,DC=local?eckAllowedServices?base? eckAllowedServices=%{NAS-Identifier}}") { ok } else { reject } thank you anyway - yo

Re: Checkval weird issue with LDAP backend and PAM authentication

2010-11-26 Thread Marco Carcano
Hi Alan OK - Got working - did a look at rlm_ldap.c, and ldap.h (ldap_is_ldap_url and ldap_url_parse fuctions) - altough I have one issue more, ... se below if ("%{ldap:ldap://127.0.0.1/CN=%{User- Name},OU=Users,DC=marcolinux,DC=local?eckAllowedServices}" == "%{NAS- Identifier}"

Re: Checkval weird issue with LDAP backend and PAM authentication

2010-11-26 Thread Marco Carcano
Hi Alan, just to let you know: if (NAS-Identifier == "%{ldap:cn=%{User- Name},ou=Users,dc=marcolinux,dc=local (eckAllowedServices)}" ) { ok } message: ++? if (NAS-Identifier == "%{ldap:cn=%{User- Name},ou=Users,dc=marcolinux,dc=local (eckAllowedServices)}" ) rlm_ldap: - ldap_xla

Re: Checkval weird issue with LDAP backend and PAM authentication

2010-11-26 Thread Marco Carcano
Hi Alan but I have not been able to see a working example using ldap, if (NAS-Identifier == "%{ldap: ... ldap stuff ... }") { thinking at the %{sql:SELECT ...} example I tough I syntax almost like this if (NAS-Identifier == "ldap:cn=%{User-Name},ou=Users,dc=marcolinux,dc=local (e

Re: Checkval weird issue with LDAP backend and PAM authentication

2010-11-26 Thread Alan DeKok
Marco Carcano wrote: > I RTM unlang, but I have to admit I only got confused - The only thing I > have understood is to write a simple statement like this (in authorize > section) > > if (NAS-Identifier == "ftp" ) { > ok > } > else { > reject

Re: Checkval weird issue with LDAP backend and PAM authentication

2010-11-25 Thread Marco Carcano
Hi Alan I RTM unlang, but I have to admit I only got confused - The only thing I have understood is to write a simple statement like this (in authorize section) if (NAS-Identifier == "ftp" ) { ok } else { reject } and I think

Re: Checkval weird issue with LDAP backend and PAM authentication

2010-11-25 Thread Marco Carcano
Hi John thank you very much for the reply - I haven't noticed that exists a freeradius2 rpm package I tried, and after a lot of arrangement on the config files - freeradius2 splits a lot radiusd.conf - I got it working but I have to point out this thing - that I hope you - Red Hat - will

Re: Checkval weird issue with LDAP backend and PAM authentication

2010-11-23 Thread John Dennis
On 11/23/2010 08:33 AM, Alan DeKok wrote: marco wrote: Sorry Alan I've not realized that the logs had became a garbage :O( - maybe a webmail realted issue of my ISP. Now I Bcc myself to see how does it appear to recipients I tried "man unlang" but got no manual entry - I'm using Freeradius pa

Re: Checkval weird issue with LDAP backend and PAM authentication

2010-11-23 Thread Alan DeKok
marco wrote: > Sorry Alan > > I've not realized that the logs had became a garbage :O( - maybe a webmail > realted issue of my ISP. > Now I Bcc myself to see how does it appear to recipients > > I tried "man unlang" but got no manual entry - I'm using Freeradius packaged > for CentOS - I'll giv

Re: Checkval weird issue with LDAP backend and PAM authentication

2010-11-23 Thread marco
Sorry Alan I've not realized that the logs had became a garbage :O( - maybe a webmail realted issue of my ISP. Now I Bcc myself to see how does it appear to recipients I tried "man unlang" but got no manual entry - I'm using Freeradius packaged for CentOS - I'll give a look to http://freeradius

Re: Checkval weird issue with LDAP backend and PAM authentication

2010-11-22 Thread Alan DeKok
marco wrote: > the idea is to use checkval module to catch the NAS-Identifier parameter that > the proftpd module set as "ftp". Why? The "checkval" module has limited functionality. See "man unlang" for a much better way to do attribute comparisons. All of the debug output you provided wa

Checkval weird issue with LDAP backend and PAM authentication

2010-11-22 Thread marco
Hi, I'm facing this issue in configuring radius: I'm developing a GPLv3 script that will easily setup a whole linux server with lots of usefull services (NTP,DHCP,DNS with DDNS update to DHCP, MIT-Kerberos, OpenLDAP (Kerberized), FreeRadius, MySQL, Apache, ProFTP, SQUID, Samba (kerberized), Appl