Hi there,
I'm new to freeradius, and am setting it up purely in a test environment before
deploying live.
We're using Freeradius 2.2.0 and Ubuntu server 12.04 .3 lts with Active
Directory and Fortinet Fortigate based APs
We're trying to achieve the following:
Authentication via Active
...@lists.freeradius.org]
On Behalf Of Simon Grierson
Sent: 01 October 2013 15:08
To: freeradius-users@lists.freeradius.org
Subject: Active Directory Group Membership filtering query
Hi there,
I'm new to freeradius, and am setting it up purely in a test environment before
deploying live.
We're using
Simon Grierson wrote:
Authentication via Active Directory, but with access granted depending
on AD Group membership.
That should be possible.
EG: User A Is allowed Wifi access, as they are in Wifi-Users group
User B is not as they do not have membership of this group.
That's easy.
This will probably be obvious, but I can't see it!
I'm using several instances of ldap to do some load balancing so I've
got ldap1, ldap2, ldap3 etc.
I know in 3 that we need to reference the instance explicitly in the
users files for groups, e.g.
DEFAULT ldap1-ldap-group == group name
But unlike
On 23/07/13 17:19, Franks Andy (RLZ) IT Systems Engineer wrote:
This will probably be obvious, but I can’t see it!
Looks like a bug - the code here:
https://github.com/FreeRADIUS/freeradius-server/blob/master/src/modules/rlm_ldap/groups.c#L495
...passes NULL for the result argument to
=sath.nhs.uk@lists.freeradiu
s.org] On Behalf Of Phil Mayers
Sent: 23 July 2013 17:53
To: freeradius-users@lists.freeradius.org
Subject: Re: Ldap query in FR3
On 23/07/13 17:19, Franks Andy (RLZ) IT Systems Engineer wrote:
This will probably be obvious, but I can't see it!
Looks like a bug - the code
On 23 Jul 2013, at 17:52, Phil Mayers p.may...@imperial.ac.uk wrote:
On 23/07/13 17:19, Franks Andy (RLZ) IT Systems Engineer wrote:
This will probably be obvious, but I can’t see it!
Looks like a bug - the code here:
2013 18:22
To: FreeRadius users mailing list
Subject: Re: Ldap query in FR3
On 23 Jul 2013, at 17:52, Phil Mayers p.may...@imperial.ac.uk wrote:
On 23/07/13 17:19, Franks Andy (RLZ) IT Systems Engineer wrote:
This will probably be obvious, but I can't see it!
Looks like a bug - the code here
Fixed.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Subject: Re: Ldap query in FR3
Fixed.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
HI,
I am using oracle database in free Radius while using sql module. Have to Write
a stored procedure which requires the output in table format. How to get this
output in table format in free radius.
Thanks amp; Regards
Manjunath
nbsp;-
List info/subscribe/unsubscribe? See
On 10/06/13 08:54, manjunath uthappa ponnachana wrote:
HI,
I am using oracle database in free Radius while using sql module. Have
to Write a stored procedure which requires the output in table format.
How to get this output in table format in free radius.
The SQL module only supports
Can use control attribute in sql.conf (sql module config file) query ?
if yes so
what about a new control attribute that define dictionary ?
Best regards.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
I am create stored procedure in postgresql database named
findout_cuncurrent_session_for_a_user_result that return Deny or
Permit .
please dont ask the same question - people have read it. or dont read the
mailing list
frequently.
alan
-
List info/subscribe/unsubscribe? See
:
session {
if ({%sql:select findout_cuncurrent_session_for_a_user_result
('%{User-Name}','%{NAS-IP-Address}','%{Called-Station-Id}','%{Calling-Station-Id}')}
== Deny) {
update control {
Pool-Name := Exceeded-Concurrent-Session
}
}
}
What is the problem? Do i write sql query write ? (this query
Dear ALL
I use this query by calling stored procedure in database :
simul_count_query = SELECT
findout_cuncurrent_sessions_for_a_user('%{User-Name}','%{NAS-IP-Address}','%{CalledStationId}','%{CallingStationId}')
but I can not access to the value of CallingStationId and CalledStationId.
my
On 03/23/2013 10:31 AM, Mehdi Ravanbakhsh wrote:
Dear ALL
I use this query by calling stored procedure in database :
simul_count_query = SELECT
findout_cuncurrent_sessions_for_a_user('%{User-Name}','%{NAS-IP-Address}','%{CalledStationId}','%{CallingStationId}')
but I can not access
Thanks i am find correct name .
On Sat, Mar 23, 2013 at 5:35 PM, Phil Mayers p.may...@imperial.ac.ukwrote:
On 03/23/2013 10:31 AM, Mehdi Ravanbakhsh wrote:
Dear ALL
I use this query by calling stored procedure in database :
simul_count_query = SELECT
findout_cuncurrent_sessions_
On 03/04/2013 10:29 PM, Mehdi Ravanbakhsh wrote:
Many thanks for your replay.
How i can call stored procedure in unlang ?
It's just an SQL query. Use an SQL xlat:
{%sql:select myproc('%{Arg1}')}
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Dear All
I can use Unlang script and/or Perl module Script to do some select -
update or insert in database BUT i need to know witch one is faster Perl
module or UnLang ???
This is important because i have to many stress on database query .
I use PostgreSQL by p5-DBI and p5-DBD-Pg
to many stress on database query .
I use PostgreSQL by p5-DBI and p5-DBD-Pg .
Likely unlang if you only want to retrieve one value.
-Arran
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
and
change 3 check attribute in radcheck table and Unlang just work to
execute perl script .
so in this case i need to use Perl in general but i can use unlang and
Perl to connect and update database by SQL query i need to know that
which one is faster and which way has more performance :
Perl
query i need to know that which one
is faster and which way has more performance :
Perl Directly connecting to PostgreSQL database
Perl as you can select all the values in one query, or the fastest would be to
create a stored procedure and call it with unlang, but i'm not that familiar
just work to
execute perl script .
Ok.
so in this case i need to use Perl in general but i can use unlang and
Perl to connect and update database by SQL query i need to know that
which one is faster and which way has more performance :
Perl Directly connecting to PostgreSQL
Yes. All clients will have a place where the shared secret is configured EVEN
if the target is the locahost (that doesn't change the spec!) Check the seagull
docs and XML profile
Alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
HI,
I am using seagull testing tool to send messages to free
radius. I am running seagull with radius protocol .
When i send messages from seagull to freeradius , the
password is not getting decrypted properly on radius side.
Can you please tell
Hi,
I am using seagull testing tool to send messages to free
radius. I am running seagull with radius protocol .
When i send messages from seagull to freeradius , the
password is not getting decrypted properly on radius side.
@lists.freeradius.org]
On Behalf Of a.l.m.bu...@lboro.ac.uk
Sent: 20 December 2012 16:16
To: FreeRadius users mailing list
Subject: Re: freeradius query on password encryption and decryption
Hi,
I am using seagull testing tool to send messages to free
radius. I am running seagull
Yashaswini Sathyanarayana wrote:
Every time I am sending a message from seagull to freeradius ,it is decode
the password differently. I am also getting the following error in Radius
debug mode .
...
WARNING: Unprintable characters in the password. Double-check the shared
secret on the
Hi ,
User-Password = \311~B]\021\267\332i\217
This part of message is not right.
The shared secret is same in both system.
Thanks Regards,
Yashaswini | Prod Engg | Tech Mahindra Ltd.
9 / 7 Hosur Road, Bangalore - 560029, India.
(Office: +91 80 40243000, Extn:
Yashaswini Sathyanarayana wrote:
User-Password = \311~B]\021\267\332i\217
This part of message is not right.
The shared secret is same in both system.
Either (a) it's not the same, or (b) the client has a bug.
And don't argue over this. I've been doing RADIUS for ~15
On 20/12/12 11:50, Yashaswini Sathyanarayana wrote:
WARNING: Unprintable characters in the password. Double-check the shared
secret on the server and the NAS!
This message is accurate. You have a typo, or the NAS is buggy.
Re-set the shared secret to something VERY SIMPLE e.g. abc123 - no
I am using seagull to send messages to freeradius. seagull and freeradius are
in same machine.
I am not clear about how to set password in nas?? Please help.
Thanks Regards,
Yashaswini | Prod Engg | Tech Mahindra Ltd.
9 / 7 Hosur Road, Bangalore - 560029, India.
(Office: +91 80 40243000, Extn:
I am using seagull to send messages to freeradius . Is there any place I need
to set shared secret in seagull also .
I have installed seagull in the same machine as freeradius.
Thanks Regards,
Yashaswini | Prod Engg | Tech Mahindra Ltd.
9 / 7 Hosur Road, Bangalore - 560029, India.
(Office: +91
On 10/12/2012 09:16 AM, Jonathan Bastin wrote:
Issue with doing it that way is you would get decimal values returned which
freeradius can't deal with.
As others have pointed out - that's trivially dealt with.
Hell, use right-shift if you want:
select limit 10
select quota 10
...it doesn't
[mailto:freeradius-users-bounces+jonathan.bastin=peerpointinternet.co.uk@lis
ts.freeradius.org] On Behalf Of Fajar A. Nugraha
Sent: 15 October 2012 01:40
To: FreeRadius users mailing list
Subject: Re: Query help
On Mon, Oct 15, 2012 at 7:35 AM, Fajar A. Nugraha l...@fajar.net wrote:
If yes
On 12 Oct 2012, at 09:16, Jonathan Bastin
jonathan.bas...@peerpointinternet.co.uk wrote:
Issue with doing it that way is you would get decimal values returned which
freeradius can't deal with.
So use round()...
http://www.w3schools.com/sql/sql_func_round.asp
-Arran
-
List
On Fri, Oct 12, 2012 at 3:16 PM, Jonathan Bastin
jonathan.bas...@peerpointinternet.co.uk wrote:
Issue with doing it that way is you would get decimal values returned which
freeradius can't deal with.
I am posting a bounty of $200
Good to hear that. Hopefuly someone will be able to help you.
On Mon, Oct 15, 2012 at 7:35 AM, Fajar A. Nugraha l...@fajar.net wrote:
If yes, it should be MUCH quicker to simply do the comparison INSIDE
the sql statement. Something like (untested, should work for mysql):
if (%{sql: ( (SELECT radgroupcheck.value FROM radusergroup Inner Join
radgroupcheck
@lists.freeradius.org
Subject: Re: Query help
On 10/10/12 15:25, Jonathan Bastin wrote:
To me it looks like the value is wrapping. Is this due to that even
the interpreter in the site config file is 32-bit only. If this is the
case I presume my only resort it perl. If this is the case could
someone help
'
Subject: RE: Query help
This is the full dump I get
rad_recv: Access-Request packet from host 193.000.221.00 port 1645, id=213,
length=141
Framed-Protocol = PPP
User-Name = 02085000...@peerpointinternet.co.uk
CHAP-Password = 0x045f3e13da52acf8b9e784c0c125ed102f
On 10/10/12 14:23, Jonathan Bastin wrote:
I have been looking at this further am I am having trouble finding the answer.
Is anyone able to point me into the right direction.
You might find it a bit easier to debug if you perform the two SQL
queries (for the quota, and the current limit)
(sql) in sql_postauth: query is INSERT INTO radpostauth
(username, pass, reply, authdate) VALUES (
'0208...@peerpointinternet.co.uk',
'0x048bf9799185d69af262db5d5c0e4c9ba2',
'Access-Reject', '2012-10-10 15:17:40')
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql (sql
Jonathan Bastin wrote:
To me it looks like the value is wrapping. Is this due to that even the
interpreter in the site config file is 32-bit only.
Yes. All numbers in RADIUS are 32-bit.
I think v3 will extend the internal code in the server to use 64-bit
numbers.
Alan DeKok.
-
List
@lists.freer
adius.org
[mailto:freeradius-users-bounces+jonathan.bastin=peerpointinternet.co.uk@lis
ts.freeradius.org] On Behalf Of Alan DeKok
Sent: 10 October 2012 15:36
To: FreeRadius users mailing list
Subject: Re: Query help
Jonathan Bastin wrote:
To me it looks like the value is wrapping
On 10/10/12 15:25, Jonathan Bastin wrote:
To me it looks like the value is wrapping. Is this due to that even the
interpreter in the site config file is 32-bit only. If this is the case I
presume my only resort it perl. If this is the case could someone help me
convert this?
You could divide
I am trying to write a query to look at peoples quota and change their speed
biased on these details. So far I have:
if (%{sql: SELECT radgroupcheck.value FROM radusergroup Inner Join
radgroupcheck ON radusergroup.groupname = radgroupcheck.groupname WHERE
radusergroup.username = '%{User-Name
is of
the SQL query. Any help would be very much appreciated.*
a) you're using radiusd -xX. That's not necessary. Just use
radiusd -X
b) You're not looking at the debug lines BEFORE that one. They show
why the if is taken, or not taken.
-
List info/subscribe/unsubscribe? See http
(
'02085000...@peerpointinternet.co.uk',
'0x045f3e13da52acf8b9e784c0c125ed102f',
'Access-Accept', '2012-10-09 14:53:29')
rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth
(username, pass
gw-rxd-cdn = 891997406
We are getting h323-remote-address multiple times. How can I get both
attribute in sql query for authentication?
I set sql_user_name = %{h323-remote-address}. But I get sql_user_name =
Trunk ID (000111) only. How can I get IP XXX.105.4.197?
Thanks
On Sep 12, 2012, at 11:57 PM, Ankur - BillCall ankur.kalava...@billcall.net
wrote:
We are getting h323-remote-address multiple times. How can I get both
attribute in sql query for authentication?
I set sql_user_name = %{h323-remote-address}. But I get sql_user_name =
Trunk ID (000111
Have tried several version builds on Centos 5.x - currently using FR 2.1.12
rlm_mysql stops after the group check query and does not execute the group
reply query.
19:00:43 2012 : Info: [sql] expand: SELECT id, username, attribute, value,
op FROM radreply
Sun Sep 9 19:00:43 2012 : Info: [sql
Works fine for me... All centos versions, all FR versions since 1.1.3...
On 9/9/2012 7:33 PM, Mada wrote:
Have tried several version builds on Centos 5.x - currently using FR 2.1.12
rlm_mysql stops after the group check query and does not execute the group
reply query.
19:00:43 2012 : Info
On 9 Sep 2012, at 18:33, Mada m...@datacom.mw wrote:
Have tried several version builds on Centos 5.x - currently using FR 2.1.12
rlm_mysql stops after the group check query and does not execute the group
reply query.
19:00:43 2012 : Info: [sql] expand: SELECT id, username, attribute
On 9 Sep 2012, at 20:39, Arran Cudbard-Bell a.cudba...@freeradius.org wrote:
On 9 Sep 2012, at 18:33, Mada m...@datacom.mw wrote:
Have tried several version builds on Centos 5.x - currently using FR 2.1.12
rlm_mysql stops after the group check query and does not execute the group
On Mon, Sep 10, 2012 at 12:33 AM, Mada m...@datacom.mw wrote:
Have tried several version builds on Centos 5.x - currently using FR 2.1.12
rlm_mysql stops after the group check query and does not execute the group
reply query.
19:00:43 2012 : Info: [sql] expand: SELECT id, username
Hello,
I have configured my server to run radius on ipv6 and I was also able to
successfully connect to radius server using radclient binary on my
client machine.
I installed radiusclient as well my machine and I am trying to run
radexample to login to radius server over ipv6, however I am
Hi,
I use the policy configs to provide redundant and load-balance to update
the pool-name.
It´s work fine! But I have same questions...
- Is it the correct way to do it? Is it the better way, considering a
performance in high usage?
- Why the virtual module created in the policy and control
server is dead. So your load-balance part definitely works, but
I wouldn't be so sure about the redundant part. Try killing one of
the sql servers and see what happens.
IIRC I had to explicitly hack a query so it would return some value
(e.g. NOTFOUND, or whatever) when it would usually return
On 06/08/2012 11:28 PM, JustJoe wrote:
Can anyone tell me why it was decided to limit the functionality in v2 by
replacing the old queries?? I have tried replacing the new one with the
old, and it seems to work perfectly again.
In fact, functionality was added, not limited.
(n.b. I'm
-Why-authorize-group-check-reply-query-changed-tp5713626.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
Im using freeradius 2.1.7.
I want to add multiple queries for radpostauth statement like
radpostauth = query1;query2
But it says mysql error.
How can I resolve this issue?
Thanks.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/dialup-conf-multiple-query
mimir wrote:
I want to add multiple queries for radpostauth statement like
radpostauth = query1;query2
But it says mysql error.
How can I resolve this issue?
Run two versions of the SQL module.
The module currently only supports on query at a time.
Alan DeKok.
-
List info
I think stored procedure can be written for multiple queries?
Thank you.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/dialup-conf-multiple-query-for-postauthquery-tp5713591p5713595.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info
-I-find-out-the-query-error-tp5713188p5713349.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Coizado wrote:
Hi there Alan DeKok-2,
Just came by to say thanks for your kind response and to let you know that I
fixed the problem by trying the querys manually until I got them all
working.
Thank you very much.
You're welcome. It's what I do.
Alan DeKok.
-
List
Coizado wrote:
Mon May 21 14:07:18 2012 : Debug: rlm_sql_mysql: query: SELECT id,
username, attribute, value, op FROM login_radius WHERE
username = 'coizado' ORDER BY id
That's the query.
Mon May 21 14:07:18 2012 : Debug: rlm_sql_mysql: MYSQL check_error
be a huge effort to reprogram everything.
I have changed the DB and table names in sql.conf and it seems to be
connectiong ok, but it appears to be some problem in the SQL query but it
won't show the error message, this is what I get on debug:
Mon May 21 14:07:18 2012 : Debug: rlm_sql (sql
in directory...
[ldap] looking for reply items in directory...
WARNING: No known good password was found in LDAP. Are you sure that the
user is configured correctly?
I believe above indicates that no data is received from LDAP query and no
password is retrieved. I have attached relevant debug log output
sonyisda1 e...@tpri.com wrote:
Using FreeRadius on Ubuntu 12.04
FreeRadius is communicating with Windows 2008 R2 Active Directory
server.
I have MS-CHAP authentication working fine. This is used for VPN.
I am setting up LDAP authorization and CHAP authentication. This will
be
used for router
then?
Thanks!
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/FreeRadius-unable-to-read-password-from-LDAP-query-to-win2008-AD-tp5711532p5711577.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http
sonyisda1 wrote:
From the Connection Attempt file, the request comes in with CHAP-Challenge
and CHAP-Password. That is why CHAP is being chosen as the authentication
method.
Basically the user is being authorized through LDAP but LDAP does not do
authentication so what do you recommend
on the RADIUS server
Regards,
Dave
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Blackberry-disabled-server-certificates-query-tp5159946p5615207.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
query in dialup.conf. This works fine with ssh and openvpn
logins but not with mschapv2. I don't know if the password is really not
submitted or just not replaced in the sql query.
in mschapv2, the the client doesn't send user's cleartext password.
Is there a simple way to make this work
hi,
just to revisit this recent thread. Was at a site who were implementing
802.1X authentication and they noted the Blackberry issue - some devices
okay, others not... the FreeRADIUS server was configured to have the WHOLE
CA chain of certs (root, intermediate,server signer and server cert) in
-certificates-query-tp5159946p5159946.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
if you leave the box unchecked disable server certificate validation
then the blackberry connects fine if you uncheck connection fails
failed to connect.
You wrote, ...if you leave it unchecked... (it)... connects fine if you
uncheck (it the) connection fails???
Did you mean to say if you
lmgo5991 wrote:
We are testing various deivces with our new eduroam wirelss and so far so
good. However, an issue cropped up with blackberrys where during the setup,
if you leave the box unchecked disable server certificate validation then
the blackberry connects fine if you uncheck
: 20 January 2012 11:13
To: 'FreeRadius users mailing list'
Subject: RE: Blackberry disabled server certificates query
if you leave the box unchecked disable server certificate
validation
then the blackberry connects fine if you uncheck connection fails
failed to connect.
You wrote
...@lists.freeradius.org
[mailto:freeradius-users-
bounces+j.d.f.palmer=swansea.ac...@lists.freeradius.org] On Behalf Of
Garber, Neal
Sent: 20 January 2012 11:13
To: 'FreeRadius users mailing list'
Subject: RE: Blackberry disabled server certificates query
if you leave the box unchecked disable server
On Tue, Dec 13, 2011 at 2:42 PM, Shweta Khadse shwe...@gmail.com wrote:
Redundant{
Sql1{
ok=2
}
Sql2
{
Ok= return
}
}
Sql_update_
{
FAIL=1
}
Sql_update_
{
FAIL=1
}
}
Looks like
Fajar
Appreciate the time you are taking to help out!
Its like this. We have two parts right
Part 1 -
Redundant module having sql1 and sql2
This is a critical module ,so if sql1 fails it tries sql2. So far so good!
Part 2 -
sql_update_ , sql_update_
The above two update a different
On Tue, Dec 13, 2011 at 3:57 PM, Shweta Khadse shwe...@gmail.com wrote:
Fajar
Appreciate the time you are taking to help out!
Its like this. We have two parts right
Part 1 -
Redundant module having sql1 and sql2
This is a critical module ,so if sql1 fails it tries sql2. So far so good!
Suggestion noted!
As I said we tried our way and got our way! But then things always work
during testing right!
If at some point we do see that the radius disagrees with us , we will
create a redundant set up for part2 as well.
Thanks again!
On Tue, Dec 13, 2011 at 1:19 PM, Fajar A. Nugraha
Thankyou Alan!
You gave us an idea about how we can set ok to return a default ok for
the section.
We tested with our second approach as below and thrilled that it works/
This ensures radius returns ok even if the sql_update_ modules fail.
redundant{
ok
On Tue, Dec 13, 2011 at 1:54 PM, Shweta Khadse shwe...@gmail.com wrote:
Thankyou Alan!
You gave us an idea about how we can set ok to return a default ok for the
section.
We tested with our second approach as below and thrilled that it works/
This ensures radius returns ok even if the
Hi Fajar
Yes we REALLY tested it :)
A quick glance says the OK block will always
be used is what we wanted! Because this block is critical.
What was happening earlier was since we didnt have any return code for the
sql_update_ ,any failure at that level was making the accounting module
On Tue, Dec 13, 2011 at 2:25 PM, Shweta Khadse shwe...@gmail.com wrote:
Hi Fajar
Yes we REALLY tested it :)
A quick glance says the OK block will always
be used is what we wanted! Because this block is critical.
Are you SURE that's what you want?
redundant {
ok
sql1
sql2
}
is
Redundant{
Sql1{
ok=2
}
Sql2
{
Ok= return
}
}
* Sql_update_*
{
FAIL=1
}
*Sql_update_*
{
FAIL=1
}
}
On Tue, Dec 13, 2011 at 11:32 AM, Fajar A. Nugraha l...@fajar.net wrote:
On Tue, Dec 13,
Shweta Khadse wrote:
The last two sql updates ie *Sql_update_ and **Sql_update_
*do not have a redundant module defined. The actions of these statement
is not very critical. However we observe that if the radius is unable to
execute these the radius drops the session and returns a
Dears
I have a question regarding the configurable failover codes.
Our accounting module is defined as follows
Detail…
Detail_hour_ae1
…
…
Redundant{
Sql2 {
Fail=1
…
…
}
Sql2_redundant {
Fail= return
…
…
}
*Sql_update_*
* *
*Sql_update_*
}
query is, what do these two parameters correspond to ? (The most
obvious answer is that they correspond to username-password, as set in
users file for the freeradius server - the obvious pair that is used in
TTLS, TLS and PEAP authentication. But then where does WEP keys come into
picture
Ajay Garg wrote:
I am trying to connect to a network, via LEAP authentication.
Don't. LEAP is insecure and SHOULD NOT be used.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
LEAP is an older form of 802.1X authentication method...superseded by PEAP,
TTLS etc. You need to define a RADIUS server and use WPA/enterprise or
WPA2/enterprise, or the LEAP option if your kit supports it (its sometimes
listed separately) WEP is not LEAP.
alan
-
List
this:
group_membership_query = SELECT radgroup_id \
FROM ${usergroup_table} \
WHERE username = '%{SQL-User-ID}' \
ORDER BY priority
If so, where do I do this?
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Change-SQL-Groupcheck-Query-in-Dialup
. That's why the queries are editable. So you can edit them,
Is it possible to look up the user id prior to this statement running?
Yes. It's just another SQL query:
update request {
SQL-User-Id := %{sql: ...}
}
If so, where do I do
working fine - thanks for help
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Change-SQL-Groupcheck-Query-in-Dialup-conf-tp5026372p5027433.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
JennyBlunt wrote:
Yes, it's a bit annoying Our front end management system is / will be
built using ruby on rails.
RoR seems a little funny with join tables when they don't use IDs. Hence the
need for a change to the sql. The same went for the attribute column which
we needed to alter
On 08/11/11 09:33, Juan remon wrote:
I read some post about this problem, and they say that the problem could
be a slow connection with Ldap or a indexing problem of the ldap,
Yes.
My question is,
if the reason of this problem could be my ldap module configuration and
the type of filter
Hi,
Is it possible to use sql expansion with query stored in a radius
attribute (e.g. Tmp-String-0)? Currently it mime-encodes the
characters equal (=) and single quote (') to =3D and =27, so it's
not usable.
For example, I have something like this to store my local
configuration variables
1 - 100 of 430 matches
Mail list logo