Re: Error messages in debug on 3.0

On 10 Oct 2013, at 22:23, Alan DeKok wrote: > Phil Mayers wrote: >> I've just ported our config to 3.0 and I'm seeing a few error messages; >> they don't seem to be critical but are concerning me. >> >> Specifically I'm seeing: >> >> ERROR: Conditional evaluation failed due to internal sanity

Re: Error messages in debug on 3.0

Phil Mayers wrote: > I've just ported our config to 3.0 and I'm seeing a few error messages; > they don't seem to be critical but are concerning me. > > Specifically I'm seeing: > > ERROR: Conditional evaluation failed due to internal sanity check. That should be fixed. Either it can be delet

Re: Error messages in debug on 3.0

On 10/10/13 18:51, Arran Cudbard-Bell wrote: possibly if (outer.request && Hmm, no same thing, and worse it's squashing Module-Failure-Message :o( - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Error messages in debug on 3.0

> On 10 Oct 2013, at 18:32, Phil Mayers wrote: > > I've just ported our config to 3.0 and I'm seeing a few error messages; they > don't seem to be critical but are concerning me. > > Specifically I'm seeing: > > ERROR: Conditional evaluation failed due to internal sanity check. > > ...whe

Re: Error messages in debug on 3.0

On 10/10/13 18:32, Phil Mayers wrote: I've just ported our config to 3.0 and I'm seeing a few error messages; they don't seem to be critical but are concerning me. Specifically I'm seeing: We're also getting: Info: Invalid operator for item Sql-Group: reverting to '==' ...which is logged to

RE: Error: rlm_sql_unixodbc: SQL down 08S01 [unixODBC][FreeTDS][SQL Server]Unable to connect: Adaptive Server is unavailable or does not exist

mypol" "semodule -i mypol.pp" That fixed the problem, thanks again. From: Bill Grant [wgr...@ebpl.org] Sent: Saturday, May 25, 2013 8:29 PM To: FreeRadius users mailing list Subject: RE: Error: rlm_sql_unixodbc: SQL down 08S01 [unixODBC][FreeTDS]

RE: Error: rlm_sql_unixodbc: SQL down 08S01 [unixODBC][FreeTDS][SQL Server]Unable to connect: Adaptive Server is unavailable or does not exist

2013 7:44 PM To: FreeRadius users mailing list Subject: Re: Error: rlm_sql_unixodbc: SQL down 08S01 [unixODBC][FreeTDS][SQL Server]Unable to connect: Adaptive Server is unavailable or doesnot exist Bill Grant wrote: > I am having trouble starting freeradius at boot on CentO

Re: Error: rlm_sql_unixodbc: SQL down 08S01 [unixODBC][FreeTDS][SQL Server]Unable to connect: Adaptive Server is unavailable or does not exist

Bill Grant wrote: > I am having trouble starting freeradius at boot on CentOS 6.4. It starts, but > it does not connect to my database; however, if run it manually from the > command the it works fine. I think there is permission issue somewhere. See > the log below: > > when I run following co

Re: Error syntax in sql accounting.

Hocine M wrote: > Hi everybody, > > I always have an error in radius.log file : > > Mon Feb 4 16:16:52 2013 : Error: [sql_acct] Couldn't insert SQL > accounting START record - Erreur de syntaxe pr�s de '' � la ligne 1 Don't edit the configuration files and break them. You do understand wh

Re: Error: [ldap] All ldap connections are in use

On 21 Nov 2012, at 13:00, Phil Brown wrote: > We have started seeing problems our radius server with the Error > "Error: [ldap] All ldap connections are in use" > > We have increased the "ldap_connections_number" from 5 to 20 which has > largely resolved the issue. > > we now receive over 1

Re: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user

Issue is resolved. I was infact editing the wrong users file. I was editing the users file in the raddb folder of the uncompressed tarball. Thanks for the help. Regards, Shravan On Sat, Nov 10, 2012 at 6:54 AM, Phil Mayers wrote: > On 11/10/2012 03:54 AM, Shravan S G wrote: > >> Hi all, >> >> I

Re: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user

On 11/10/2012 03:54 AM, Shravan S G wrote: Hi all, I am trying to configure FreeRadius 2.2.0. I am trying to test with the radtest utility. However, when I run radtest, on my radiusd server, I get the following error - "ERROR: No authenticate method (Auth-Type) found for the request: Rejecting t

Re: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user

Hi, >I have just untarred the 2.2.0 tarball, and added just one line the users >file: gokul Cleartext-Password:="abcde" at the top of the file...or at the bottom? If you add it to the bottom then other things in the file will prevent that user from being seen/used - add your test user/

Re: error of segmentation during the implementation of eap2

On 20 Sep 2012, at 12:23, Tatiana DIBANDA wrote: > Arran, > > Test for this first segmentation fault : > reading pairlist file /usr/local/etc/raddb/hints > Module: Linked to module rlm_realm > Module: Instantiating module "suffix" from file > /usr/local/etc/raddb/modules/realm > realm suff

Re: error of segmentation during the implementation of eap2

On 19 Sep 2012, at 14:33, Tatiana DIBANDA wrote: > Arran > My first configuration: > In the default and inner-tunnel file we had eap2 {ok = return} in the > Authorize section,allowed eap2 in the authentication section and eap2 in the > post-process. > When we started my server: segmentatio

Re: error of segmentation during the implementation of eap2

Use your first config to test whether the patch worked (it should generate an error and exit). You now appear to be getting a different segfault Please provide a backtrace for this segfault. -Arran - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: error of segmentation during the implementation of eap2

De : Arran Cudbard-Bell À : arnauld ndefo Cc : FreeRadius users mailing list Envoyé le : Mercredi 19 septembre 2012 0h06 Objet : Re: error of segmentation during the implementation of eap2 As Alan B just said, radtest does not send EAP packets, no matter where you send the RADIUS

Re: error of segmentation during the implementation of eap2

As Alan B just said, radtest does not send EAP packets, no matter where you send the RADIUS packets, to the inner tunnel or the outer tunnel, radtest doesn't send EAP-Message. You have hardcoded auth-type eap2 in your users file, so when the request enters the authenticate section, the eap2 mod

Re: error of segmentation during the implementation of eap2

Hi, >Sorry to spam you, but we have  #radtest user1 password 127.0.0.1:1812 0 >testing1234  and  >#radtest user1 password 127.0.0.1:18120 0 testing1234  >and we have got the same result for the client radtest doesnt send EAP packets >line user1 Auth-Type :=eap2, Cleartext-Pass

Re: error of segmentation during the implementation of eap2

; Arran Cudbard-Bell Cc : Alan DeKok ; tatiana dibanda ; "tdibanda2...@yahoo.fr" Envoyé le : Mardi 18 septembre 2012 23h38 Objet : Re: error of segmentation during the implementation of eap2 Hi,  Concerning the error of segmentation, we have removed in the section authorize the

Re: error of segmentation during the implementation of eap2

DeKok ; tatiana dibanda ; "tdibanda2...@yahoo.fr" Envoyé le : Mardi 18 septembre 2012 17h57 Objet : Re: error of segmentation during the implementation of eap2 Hi, >    My project is to authenticate a client openpana with my radius server. The >    authentication met

Re: error of segmentation during the implementation of eap2

On 18 Sep 2012, at 15:07, arnauld ndefo wrote: > My project is to authenticate a client openpana with my radius server. The > authentication method used by the client is based on the EAP-PSK, which is > why I would have a radius server with authtentification method as EAP-PSK. > After apply th

Re: error of segmentation during the implementation of eap2

Hi, >My project is to authenticate a client openpana with my radius server. The >authentication method used by the client is based on the EAP-PSK, which is >why I would have a radius server with authtentification method as EAP-PSK. >After apply the instruction of doc/bugs, i have go

Re: error of segmentation during the implementation of eap2

-radiusd.log which i have attached to the mail. Thank you De : Alan DeKok À : arnauld ndefo ; FreeRadius users mailing list Envoyé le : Mardi 18 septembre 2012 14h54 Objet : Re: error of segmentation during the implementation of eap2 arnauld ndefo wrote: > I

Re: error of segmentation during the implementation of eap2

Hi, >Hi, >We do this before, when we started freeradius compilation. yes - and now you have to do it again (well, just the git pull) as a patch has been made to the repository. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: error of segmentation during the implementation of eap2

Hi, >We have built the v2.1.X version. After that i have followed the >experimental.conf file to configure the eap2.conf. >The "long term support" release. The only changes to this code will  >be minor bug fixes. All new development is done in the "stable" branch. >$ git clone

Re: error of segmentation during the implementation of eap2

DeKok Envoyé le : Mardi 18 septembre 2012 15h19 Objet : Re: error of segmentation during the implementation of eap2 On 18 Sep 2012, at 13:58, alan buxey wrote: > Hi, > >>  Starting program: /usr/local/sbin/radiusd -f >>  [Thread debugging using libthread_db enabled] &g

Re: error of segmentation during the implementation of eap2

} reading pairlist file /usr/local/etc/raddb/huntgroups reading pairlist file /usr/local/etc/raddb/hints  Module: Linked to module rlm_realm  Module: Instantiating module "suffix" from file /usr/local/etc/raddb/modules/realm   realm suffix { format = "suffix" delimiter = "@&qu

Re: error of segmentation during the implementation of eap2

On 18 Sep 2012, at 13:58, alan buxey wrote: > Hi, > >> Starting program: /usr/local/sbin/radiusd -f >> [Thread debugging using libthread_db enabled] >> Program received signal SIGSEGV, Segmentation fault. >> 0x080529d3 in cf_log_err (ci=0x0, >> fmt=0x8085210 "\"%s\" modules aren'

Re: error of segmentation during the implementation of eap2

Hi, >Starting program: /usr/local/sbin/radiusd -f >[Thread debugging using libthread_db enabled] >Program received signal SIGSEGV, Segmentation fault. >0x080529d3 in cf_log_err (ci=0x0,  >    fmt=0x8085210 "\"%s\" modules aren't allowed in '%s' sections -- they >have no suc

Re: error of segmentation during the implementation of eap2

On 18 Sep 2012, at 13:42, arnauld ndefo wrote: > Thank you for your reply Alan. > I am working on a project which is based on EAP_PSK and implement this is the > first part. > > As you have recommend, i have used the gdb to debug and see the problem. The > output that i have is below > # gd

Re: error of segmentation during the implementation of eap2

arnauld ndefo wrote: > I am working on a project which is based on EAP_PSK and implement this > is the first part. Which didn't answer my question. > Seems that in some part of a code, the eap2 module is not allowed. > > Do you have an idea about this error please. Since you're not going t

Re: error of segmentation during the implementation of eap2

arnauld ndefo wrote: > i want to implement the freeradius with eap-psk. In many forum it is > recommend to read the experimental.conf for configure the module eap2. > After reading the experimental.conf, i have created the file eap2.conf > which is attached to my email. > Also, in the radius.conf,

Re: Error

David Peterson wrote: > Has anyone run across this: > > Couldn't open dictionary "/usr/local/share/freeradius/dictionary": Too many > open files You edited the dictionaries and broke them. You have a circular loop in loading the dictionaries. So the loading process is infinite, and never fi

RE: Error

ulimit? -Original Message- From: freeradius-users-bounces+jmdanner=samford@lists.freeradius.org [mailto:freeradius-users-bounces+jmdanner=samford@lists.freeradius.org] On Behalf Of David Peterson Sent: Tuesday, March 06, 2012 10:04 AM To: FreeRadius users mailing list Subject: Er

Re: error-cause-attribute in CoA-Nak

Hi, I began by saying that I am a newbie so you could expect some errors by me. Fortunately I solved immediately. Thank you anyway. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: error-cause-attribute in CoA-Nak

Gennaro Leo wrote: > I added the Attribute-Name "Unsupported-Attribute" in the dictionary Did I say to do that? > and modified the send-coa subsection as you suggested. Anyway in the > dictionary the 401 code is not accepted (max 255). Can I modify this > limit? You need to follow instructio

Re: error-cause-attribute in CoA-Nak

Gennaro Leo wrote: >> How can I configure the freeradius to set error-cause-attributes (e.g. >> 401 - Unsupported Attribute) when sending a CoA-Nak after receiving an >> Accounting Request? > $ man unlang > > update reply { > Error-Cause = Unsupported-Attribute > } > > > This should go in

Re: error-cause-attribute in CoA-Nak

Gennaro Leo wrote: > How can I configure the freeradius to set error-cause-attributes (e.g. > 401 - Unsupported Attribute) when sending a CoA-Nak after receiving an > Accounting Request? $ man unlang update reply { Error-Cause = Unsupported-Attribute } This should go into the "sen

RE: Error Reading Certificate file

+jmcsparin=hillcountrymemorial.org@lists.freerad ius.org [mailto:freeradius-users-bounces+jmcsparin=hillcountrymemorial.org@lists .freeradius.org] On Behalf Of Alan DeKok Sent: Friday, December 30, 2011 10:22 AM To: FreeRadius users mailing list Subject: Re: Error Reading Certificate file McSparin

Re: Error Reading Certificate file

McSparin, Joe wrote: > Get this error when running radiusd -X I checked my passwords in > eap.cnf, ca.cnf, server.cnf and client.cnf > > rlm_eap: SSL error error:0200100D:system library:fopen:Permission denied > rlm_eap_tls: Error reading certificate file > /usr/local/etc/raddb/certs/server.pem'

RE: Error when trying to create certificates

On Fri, Dec 23, 2011, at 08:52, McSparin, Joe wrote: > It's a package add from FreeBSD ports. I'll try reinstalling it on > another machine and see where it puts it. -- Herbert

RE: Error when trying to create certificates

- From: freeradius-users-bounces+jmcsparin=hillcountrymemorial.org@lists.freerad ius.org [mailto:freeradius-users-bounces+jmcsparin=hillcountrymemorial.org@lists .freeradius.org] On Behalf Of Alan DeKok Sent: Thursday, December 22, 2011 5:46 PM To: FreeRadius users mailing list Subject: Re:

Re: Error when trying to create certificates

> McSparin, Joe wrote: >> It's not located in the /usr/local/etc/raddb directory where my install is >> but I did a search and it is located here >> /usr/local/share/examples/freeradius/raddb/certs/xpextensions. That's weird. What OS/distro is this? OS packages would usualy put them in /usr/shar

Re: Error when trying to create certificates

McSparin, Joe wrote: > It's not located in the /usr/local/etc/raddb directory where my install is > but I did a search and it is located here > /usr/local/share/examples/freeradius/raddb/certs/xpextensions. Find out who created the packaged (RPM, DEB, etc.) for your system, and file a bug. T

RE: Error when trying to create certificates

It's not located in the /usr/local/etc/raddb directory where my install is but I did a search and it is located here /usr/local/share/examples/freeradius/raddb/certs/xpextensions. Joseph R. McSparin Network Administrator Hill Country Memorial Hospital 830 990 6638 phone 830 990 6623 fax jmcspa

Re: Error: Failed to send packet; No response from Server

Alan, I updated the ports tree in FreeBSD which upgraded FreeRadius to 2.1.12 from 2.1.10. After installation I am successful on doing basic PAP Authentication. It solved this issue. Thank You so much! -- View this message in context: http://freeradius.1045715.n5.nabble.com/Error-Failed-to

Re: Error: Failed to send packet; No response from Server

suggestme wrote: > I was successful to install Freeradius 2.1.10 Upgrade to 2.1.12. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Error: /etc/freeradius/proxy.conf[667]: Failed looking up hostname radius.easyzonecorp.net.

Hi, > on server startup after reboot freeradius not start and show error > Error: /etc/freeradius/proxy.conf[667]: Failed looking up hostname > radius.easyzonecorp.net. > > but when i try to start by hand /etc/init.d/freeradius start, it 's OK. > > Why freeradius fail to looking up hostname onl

Re: Error in dialupadmin

Hi andreapepa, Thanks for your answer. If I comment back this line I only see a white screen. This is very very weird. I've installed thousands of web apps, and almost all php based. There's no connection error anywhere. I tried with the php CLI and I only see the same errors from apache2 error.

Re: Error in dialupadmin

yes i've passed the same "issue" after dialup admin installation. but what you reporting is not an error it is only the debug info on top of the pages that will remain there (and shows all the sql behind) until you dont remove the sql debug in admin.conf: # Uncomment to enable sql debug # #sql_d

Re: Error in Activation Attribute

On Fri, Sep 9, 2011 at 9:50 AM, Det Det wrote: > Hi, > I have Activation attribute in radcheck table (which has a date VALUE) in > old RADIUS server. I don't find this attribute in FreeRADIUS. I get this > error. any idea? What radius server is that? If it's also a freeradius installation, the o

Re: Error in Activation Attribute

Det Det wrote: > I have Activation attribute in radcheck table (which has a date VALUE) > in old RADIUS server. I don't find this attribute in FreeRADIUS. I get > this error. any idea? What is "Activation"? It's not a standard RADIUS attribute. FreeRADIUS doesn't support it. Alan DeKok. -

Re: Error: User-Name is not the same as MS-CHAP name

Hi, I seem to have the same issue as described in this thread, I also have XP/Novell legacy clients, and I want to move to AD from eDir. Re: Error: User-Name is not the same as MS-CHAP name<https://lists.freeradius.org/pipermail/freeradius-users/2011-June/msg00070.html> The last mention

RE: Error with AD/freeradius config

y 15, 2011 10:53 AM To: FreeRadius users mailing list Subject: RE: Error with AD/freeradius config If I may interject... if Gary's hint does not pan out I would suggest also checking that the ntlm_auth binary is accessible to the FR daemon, I had an issue on my box that the file permissio

RE: Error with AD/freeradius config

4-295-4221 -Original Message- From: freeradius-users-bounces+jake.sallee=umhb@lists.freeradius.org [mailto:freeradius-users-bounces+jake.sallee=umhb@lists.freeradius.org] On Behalf Of Edge Sent: Friday, July 15, 2011 10:42 AM To: freeradius-users@lists.freeradius.org Subject: Re:

Re: Error with AD/freeradius config

re specific than "Re: Contents of Freeradius-Users digest..." Today's Topics: 1. Re: Error with AD/freeradius config (Arran Cudbard-Bell) 2. Re: Stripped-User-Name Problems (Re: Unmatched ( or \(, and, ?more?broadly, setting Stripped-User-Name) (Alexander Clouter) 3.

RE: Error with AD/freeradius config

Exec-Program output: Exec-Program: FAILED to execute /usr/local/etc/raddb/modules/ntlm_auth: Permission denied Exec-Program-Wait: plaintext: Exec-Program: FAILED to execute /usr/local/etc/raddb/modules/ntlm_auth: Permission denied Your path to ntlm auth is wrong. You need to specify the path to

Re: Error with AD/freeradius config

On Jul 15, 2011, at 4:26 PM, Edge wrote: > Exec-Program output: Exec-Program: FAILED to execute > /usr/local/etc/raddb/modules/ntlm_auth: Permission denied > Exec-Program-Wait: plaintext: Exec-Program: FAILED to execute > /usr/local/etc/raddb/modules/ntlm_auth: Permission denied Helps to actua

Re: Error with AD/freeradius config

On 07/14/2011 06:11 PM, Arran Cudbard-Bell wrote: How about what I've just put there? Neat :) Looks good. Tweaked a few bits and pieces and converted it back to RST. I wanted this to be bundled with general AD Back to? There was just an empty page there when I visited, or am I missing your

Re: Error with AD/freeradius config

On Jul 14, 2011, at 6:29 PM, Phil Mayers wrote: > On 14/07/11 16:34, Arran Cudbard-Bell wrote: > >> http://wiki.freeradius.org/NTLM+Auth+with+PAP+HOWTO > > How about what I've just put there? Neat :) Looks good. Tweaked a few bits and pieces and converted it back to RST. I wanted this to be b

Re: Error with AD/freeradius config

Sent: Thursday, July 14, 2011 10:34 AM > To: FreeRadius users mailing list > Subject: Re: Error with AD/freeradius config > > > On Jul 14, 2011, at 5:18 PM, Gary Gatten wrote: > > > I don’t think you need braces and such, this is not as much an auth type as a > metho

Re: Error with AD/freeradius config

On 14/07/11 16:34, Arran Cudbard-Bell wrote: http://wiki.freeradius.org/NTLM+Auth+with+PAP+HOWTO How about what I've just put there? Needs testing, but it should work. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Error with AD/freeradius config

nces+ggatten=waddell@lists.freeradius.org] On Behalf Of Edge Sent: Thursday, July 14, 2011 11:18 AM To: freeradius-users@lists.freeradius.org Subject: Re: Error with AD/freeradius config Thanks for the quick reply Gary I changed the /usr/local/etc/raddb/sites-enabled/default file to #

Re: Error with AD/freeradius config

You can reach the person managing the list at freeradius-users-ow...@lists.freeradius.org When replying, please edit your Subject line so it is more specific than "Re: Contents of Freeradius-Users digest..." Today's Topics: 1. Re: Error with AD/freeradius config (Phil Mayers) 2.

RE: Error with AD/freeradius config

addell@lists.freeradius.org] On Behalf Of Arran Cudbard-Bell Sent: Thursday, July 14, 2011 10:34 AM To: FreeRadius users mailing list Subject: Re: Error with AD/freeradius config On Jul 14, 2011, at 5:18 PM, Gary Gatten wrote: I don't think you need braces and such, this is not as mu

Re: Error with AD/freeradius config

On Jul 14, 2011, at 5:18 PM, Gary Gatten wrote: > I don’t think you need braces and such, this is not as much an auth type as a > method > > Try just a single line that reads: ntlm_auth > > Also, I actually had to set my default auth-type to ntlm_auth. You know the > part where it says “…f

Re: Error with AD/freeradius config

On 14/07/11 16:04, Edge wrote: My /sites-enabled/default file - I have just copied the authentication section as everything else in the file is at default settings Not necessary or helpful. Full debug (which you didn't provide; you trimmed the start) is what's needed. rad_recv: Access-Req

Re: Error with Thread

Thank for your advices, I really think what have a problem with DB. Because the problem only happens when have many authentication requests simultaneously. Thanks again. Jean Em 29-06-2011 10:46, Fajar A. Nugraha escreveu: > On Wed, Jun 29, 2011 at 8:29 PM, Jean Carlos Oliveira Guandalini > wro

Re: Error with Thread

On Wed, Jun 29, 2011 at 8:29 PM, Jean Carlos Oliveira Guandalini wrote: > Unfortunately I not update a version because one module what we use was > not run correctly in newer versions > That sucks :P If I were you I'd start investing in reeimplementing that module so it's compatible with newer 2

Re: Error with Thread

Unfortunately I not update a version because one module what we use was not run correctly in newer versions If I use Mysql(InnoDB) instead MyISAM, maybe help with table lock and consequently better performance? Thanks Jean Em 29-06-2011 10:10, Fajar A. Nugraha escreveu: > On Wed, Jun 29, 2011

Re: Error with Thread

On Wed, Jun 29, 2011 at 6:32 PM, Jean Carlos Oliveira Guandalini wrote: > Hello, i'm using version 1.1.8, my OS is Linux (Gentoo). The usual response would be "upgrade". 1.x is not supported anymore. > > My server stop and log this: > Error: FATAL: Thread create failed: Resource temporarily unav

RE: "Error: rlm_ldap: All ldap connections are in use"

: FreeRadius users mailing list Subject: RE: "Error: rlm_ldap: All ldap connections are in use" Hi, Our ldap server is Novell edirectory 8.6 , the radius is taking with edirectory8.6. Regards Angus ITU Systems Ext: 6551 -Original Message- From: freeradius-users-bounces+ajian

RE: "Error: rlm_ldap: All ldap connections are in use"

...@lists.freeradius.org] On Behalf Of Phil Mayers Sent: Monday, June 13, 2011 10:12 PM To: freeradius-users@lists.freeradius.org Subject: Re: "Error: rlm_ldap: All ldap connections are in use" On 13/06/11 14:44, Angus JIANG Jian wrote: > we found the following error messages in the RADIUS log "

Re: "Error: rlm_ldap: All ldap connections are in use"

On 13/06/11 14:44, Angus JIANG Jian wrote: we found the following error messages in the RADIUS log "Error: rlm_ldap: All ldap connections are in use" on redhat workstation 5 OS. "Error: Discarding duplicate request from client AP1840-4:1031 - ID: 72 due to unfinished request 1017" 7:05pm - Tried

Re: Error: User-Name is not the same as MS-CHAP name

On 03/06/11 15:09, Johan Meiring wrote: On 2011/06/03 02:15 PM, Phil Mayers wrote: I'm not downloading a torrent of copyrighted software to fix someone else's problem. As long as you dont get a key, it is legal. This is getting farcical... Not picking on any one specific person here, but

Re: Error: User-Name is not the same as MS-CHAP name

Johan Meiring wrote: > As long as you dont get a key, it is legal. No. This list is not the place to discuss non-FreeRADIUS software. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Error: User-Name is not the same as MS-CHAP name

On 2011/06/03 02:15 PM, Phil Mayers wrote: I'm not downloading a torrent of copyrighted software to fix someone else's problem. As long as you dont get a key, it is legal. -- Johan Meiring Cape PC Services CC Tel: (021) 883-8271 Fax: (021) 886-7782 Before acting on thi

Re: Error: User-Name is not the same as MS-CHAP name

On 03/06/11 13:10, Paul Harris wrote: On 02/06/11 14:47, Francois Gaudreault wrote: Did you have a chance to look at it? Ironically I'm having trouble finding a windows XP install CD... I have a link to a torrent, just send me a email at pau...@mail.com Or not. I'm not downloading a

RE: Error: User-Name is not the same as MS-CHAP name

On 02/06/11 14:47, Francois Gaudreault wrote: >>> >> Did you have a chance to look at it? >Ironically I'm having trouble finding a windows XP install CD... I have a link to a torrent, just send me a email at pau...@mail.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/li

Re: Error: User-Name is not the same as MS-CHAP name

On 06/02/2011 10:39 PM, Fajar A. Nugraha wrote: On Thu, Jun 2, 2011 at 9:01 PM, Phil Mayers wrote: On 02/06/11 14:47, Francois Gaudreault wrote: Did you have a chance to look at it? Ironically I'm having trouble finding a windows XP install CD... This might help: Not really. - List in

Re: Error: User-Name is not the same as MS-CHAP name

On Thu, Jun 2, 2011 at 9:01 PM, Phil Mayers wrote: > On 02/06/11 14:47, Francois Gaudreault wrote: > >>> >> Did you have a chance to look at it? > > Ironically I'm having trouble finding a windows XP install CD... This might help: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=21eabb

Re: Error: User-Name is not the same as MS-CHAP name

On 02/06/11 14:47, Francois Gaudreault wrote: Did you have a chance to look at it? Ironically I'm having trouble finding a windows XP install CD... - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Error: User-Name is not the same as MS-CHAP name

Hi Phil, What I really want to understand is, whether the check is too strict and FreeRADIUS should be fixed, or whether Windows XP is just buggy. I will try to check this tomorrow. e.g. maybe the check should be: if eap.username == mschap.username: ok elif not mschap.domain: if eap.stri

Re: Error: User-Name is not the same as MS-CHAP name

Hi, On 11-05-30 9:55 AM, Phil Mayers wrote: On Mon, May 30, 2011 at 07:54:01AM -0400, Francois Gaudreault wrote: There's no guarantee that STAFF\john and STUDENT\john at the same person; you can't just ignore the fact that the client has changed their username. True. But I don't think it

Re: Error: User-Name is not the same as MS-CHAP name

ss -Original Message- From: Phil Mayers Sender: freeradius-users-bounces+ironrake=yahoo@lists.freeradius.org Date: Mon, 30 May 2011 14:55:03 To: FreeRadius users mailing list Reply-To: FreeRadius users mailing list Subject: Re: Error: User-Name is not the same as MS-CHAP name On Mon, M

Re: Error: User-Name is not the same as MS-CHAP name

On Mon, May 30, 2011 at 07:54:01AM -0400, Francois Gaudreault wrote: There's no guarantee that STAFF\john and STUDENT\john at the same person; you can't just ignore the fact that the client has changed their username. True. But I don't think it is possible to send a different Username in E

Re: Error: User-Name is not the same as MS-CHAP name

Hi Phil, Forget about all that. Adding Realm's and fiddling with the packet won't help; the check is hard-coded into the mschap module as a fairly obvious security measure. For example - suppose I have an environment with two separate domains: STAFF STUDENTS ...if the mschap module did *not

Re: Error: User-Name is not the same as MS-CHAP name

On 05/29/2011 03:10 PM, Francois Gaudreault wrote: Hi Phil, On 11-05-29 6:16 AM, Phil Mayers wrote: Ok, so as before what we're seeing is that the host is sending STIC08862\TechRMC ...in the EAP-Identity response, but: TechRMC ...in the MSCHAP packet (the hex above decodes to that) This is

Re: Error: User-Name is not the same as MS-CHAP name

Hi Phil, On 11-05-29 6:16 AM, Phil Mayers wrote: Ok, so as before what we're seeing is that the host is sending STIC08862\TechRMC ...in the EAP-Identity response, but: TechRMC ...in the MSCHAP packet (the hex above decodes to that) This is obviously broken, but here's where I get confused:

Re: Error: User-Name is not the same as MS-CHAP name

On 05/28/2011 06:33 PM, Francois Gaudreault wrote: Sending tunneled request EAP-Message = 0x020700421a0207003d3187ddf68b18fb1dce4cdd5b001c06abc09a7812e4d4a1f425347de951e68fac50054fd8ff32d403fa0054656368524d43 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name

Re: Error: User-Name is not the same as MS-CHAP name

Hi, Here is the complete debug log : rad_recv: Access-Request packet from host 10.220.30.5 port 29010, id=194, length=179 User-Name = "STIC08862\\TechRMC" NAS-IP-Address = 10.220.30.5 NAS-Port = 0 Called-Station-Id = "58-16-26-AA-F7-A1:AVAYA-RESEAU" Call

Re: Error: User-Name is not the same as MS-CHAP name

Hi Phil, and Alan, I will get you the debug output for Windows XP SP3 boxes (likely Monday). I will summarise what we have. Basically, this is a setup where the client is using eDirectory to authorize the users using the rlm_ldap module. On the windows boxes, it is configured to do PEAP usin

Re: Error: User-Name is not the same as MS-CHAP name

On 05/27/2011 09:04 PM, Francois Gaudreault wrote: Hi, I had a look at this issue with him since he is one of our client. Machine authentications are working flawlessly, windows 7 authentication as well (no hostname is sent with the username). I honestly lost track of this issue; the guy had s

Re: Error: User-Name is not the same as MS-CHAP name

Francois Gaudreault wrote: > We are using mschap:user-name in the LDAP filter and in the ntlm_auth > line. Again, we are *NOT* rewriting the User-Name. > > We need other ideas here. Post the debug output. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/user

Re: Error: User-Name is not the same as MS-CHAP name

Hi, I had a look at this issue with him since he is one of our client. Machine authentications are working flawlessly, windows 7 authentication as well (no hostname is sent with the username). The problem is when the HOSTNAME is sent along with the username under windows XP. I tried to set a

Re: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user

Thank's Alan, it works! We had the same issue with python auths being serialized that we had with pam, but running out of debug mode fixed the issue. Pam probably would have worked if we tried that, but it was a pam_python module anyway so it is better going directly to python. Thanks again, Jim

Re: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user

Jim Whitescarver wrote: > The only thing we want is python authentication. I just commented out > everything else. I will start again and try to minimize edits. I am > rather clueless about the nature the minimum edits should have. Add what you need. The default configuration *works*. > It

Re: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user

On Tue, May 17, 2011 at 3:08 PM, Alan DeKok wrote: > Jim Whitescarver wrote: >> But, after sucessfully calling our python module the user is rejected >> >> ERROR: No authenticate method (Auth-Type) found for the request: >> Rejecting the user > >   Don't edit the default configuration and break it

Re: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user

Jim Whitescarver wrote: > But, after sucessfully calling our python module the user is rejected > > ERROR: No authenticate method (Auth-Type) found for the request: > Rejecting the user Don't edit the default configuration and break it. > Below is the complete log. > > Any ideas of what we m

  1   2   3   4   5   6   7   >