Harry J Walsh wrote:
Thanks for the swift reply Dekok. I tried what you suggested and it
doesn't work.
Sorry... looking at the code again, the Response-Packet-Type should go
into the control/check items.
...
$RAD_REPLY{'Response-Packet-Type'} = Access-Challenge;
Change
Yes, that worked a charm. Thanks for the help Alan!
--
Harry
On Tue, Aug 19, 2008 at 6:03 PM, Alan DeKok [EMAIL PROTECTED] wrote:
Harry J Walsh wrote:
Thanks for the swift reply Dekok. I tried what you suggested and it
doesn't work.
Sorry... looking at the code again, the
Hello my name is martin and I'm from Argentina.
I'm trying to configure for use with FreeRADIUS eap + tls and ldap, but
recently started doing this and I am wrong in the first configurations, what
I did was set a cleinte which is a AP's and when I run radiusd-X -x strip me
this mistake even if
it seems to me like a certificate`s password problem.
take a look at server.cnf ca.cnf and clients.cnf.
or read the document that came with the package how to remove all
certificates and create the 3some ( :) ) of them.
2008/8/5 Martin Silvero [EMAIL PROTECTED]:
Hello my name is martin and I'm
pallavi dharmadhikari wrote:
I am trying to test the eapclient on Fedora. When I type this command
radeapclient -x localhost 1812 testing,
and started the freeradius server to accept the packets from eapclient,
the eapclient window gets hanged and nothing happens.
You should really use
I mean EAP-MD5 client application, to send EAP messages to the server.
Initially I tried testing authentication, by sending RADIUS request
and getting accept packets. which worked fine.
Now I am trying to send packets using EAP-MD5.
As per my knowledge, In addition to the radius request and
pallavi dharmadhikari wrote:
As per my knowledge, In addition to the radius request and response ,I
think I need to add EAP message attribute and message authenticator
fields and their TLVs in a structure and use HMAC-MD5 to calculate
message authenticator field value.
Can you suggest me
On Fri 25 Jan 2008, JB wrote:
Peter Nixon wrote:
We have a wiki. You are welcome to contribute...
Account creation/free editing seems to be deactivated...
Yep. Send me a private email with the account name you prefer and I will
create the account for you :-)
Cheers
--
Peter Nixon
Does this mean it is treated differently in an if condition where I don't
need the quotes ? Couldn't the switch statement treat the word the same way
as the if statement treats the left hand side word and the case word like
the right hand side of an if statement ?
Thank you
Markus
Alan
Markus Moeller wrote:
Does this mean it is treated differently in an if condition where I
don't need the quotes ?
No. The man page makes this clear. As of 2.0.1, you don't need
quotes in certain cases when doing conditional comparisons. The same
man page also says that for switch
Markus Moeller wrote:
I have a internal check Attribute My-Test defined as string. I have the
following in authorize
..
switch control:My-Test {
The switch statement should use double quotes: %{control:My-Test}
case {
...
Which will always be taken, because the
Hi,
There is a history of this mailing list, but searching something is a
nightmare.
Imho forum would be great for that.
Sent from my BlackBerry® wireless device
forums suck imho
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[EMAIL PROTECTED] wrote:
Hi,
There is a history of this mailing list, but searching something is a nightmare.
Imho forum would be great for that.
Sent from my BlackBerry® wireless device
forums suck imho
alan
-
List info/subscribe/unsubscribe? See
Nicholas Hall wrote:
What's wrong with sharing your experiances with the list? Adding a
forum will be just another place I'll have to check to get my
FreeRADIUS fix.
That's right, a forum wouldn't be a great idea.
But this list shouldn't be a replacement for the Wiki either. So
Ok. Forum sometimes isn't a best solution. WIKI is a good option because
you'll find all you need without to much off topic.
On Jan 25, 2008 10:18 AM, JB [EMAIL PROTECTED] wrote:
Nicholas Hall wrote:
What's wrong with sharing your experiances with the list? Adding a
forum will be just
We have a wiki. You are welcome to contribute...
-Peter
On Fri 25 Jan 2008, Marinko Tarlac wrote:
Ok. Forum sometimes isn't a best solution. WIKI is a good option because
you'll find all you need without to much off topic.
On Jan 25, 2008 10:18 AM, JB [EMAIL PROTECTED] wrote:
Nicholas Hall
Yes, write to Peter Nixon and he will help you.
Ivan Kalik
Kalik Informatika ISP
Dana 25/1/2008, Marinko Tarlac [EMAIL PROTECTED] piše:
I would like to register too. Is there any chance for this?
On Jan 25, 2008 5:37 PM, JB [EMAIL PROTECTED] wrote:
Peter Nixon wrote:
We have a wiki. You
I would like to register too. Is there any chance for this?
On Jan 25, 2008 5:37 PM, JB [EMAIL PROTECTED] wrote:
Peter Nixon wrote:
We have a wiki. You are welcome to contribute...
Account creation/free editing seems to be deactivated...
Bye,
JB
-
List info/subscribe/unsubscribe? See
Peter Nixon wrote:
We have a wiki. You are welcome to contribute...
Account creation/free editing seems to be deactivated...
Bye,
JB
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
There is a history of this mailing list, but searching something is a
nightmare.
Imho forum would be great for that.
Sent from my BlackBerry® wireless device
-Original Message-
From: Marinko Tarlac [EMAIL PROTECTED]
Date: Thu, 24 Jan 2008 22:14:23
To:FreeRadius users mailing list
On Jan 24, 2008 3:14 PM, Marinko Tarlac [EMAIL PROTECTED] wrote:
I saw that freeradius project has his own chat channel but what about
forum? I read all emails in this list and some of these mails should be
available on some kind of forum so we can share experience.
What do you think?
Hi sir,
i am using freeradius server version(1.1.7)
initially i sent some request to server (radiusd),it was turned failure by
server.
now is there any way, so that without restarting the server (radiusd) ,
further requests can be sent and get processed by the server.
thank you
best
Hi,
Hi sir,
i am using freeradius server version(1.1.7)
initially i sent some request to server (radiusd),it was turned failure by
server.
now is there any way, so that without restarting the server (radiusd) ,
further requests can be sent and get processed by the server.
by default
Uncomment ntdomain in authorize section. And proxy ntdomain to LOCAL.
Ivan Kalik
Kalik Informatika ISP
Dana 14/12/2007, Hangjun He [EMAIL PROTECTED] piše:
Hi,
FreeRADIUS 1.1.6.
Use users file as user store. When I use username/password, It can work.
When I user username/password/domain,
Hangjun He wrote:
And I use EAP-TLS and with correct certs. Even if I set wrong
username in Odessey Client, freeRADIUS will return
success.(check_cert_cn not set).
EAP-TLS authenticates users based on certificates. It ignores the
user name.
Can I let freeRADIUS to check if
Hangjun He wrote:
And I use EAP-TLS and with correct certs. Even if I set wrong
username in Odessey Client, freeRADIUS will return
success.(check_cert_cn not set).
EAP-TLS authenticates users based on certificates. It ignores the
user name.
i think, thats not completely
Yes. It sounds good.
Check common name in the certificate with databases(users or others).
John
[EMAIL PROTECTED] 写道:
Hangjun He wrote:
And I use EAP-TLS and with correct certs. Even if I set wrong
username in Odessey Client, freeRADIUS will return
success.(check_cert_cn not
Don't use EAP-TLS. Use PEAP or EAP-TTLS.
Ivan Kalik
Kalik Informatika ISP
Dana 12/12/2007, Hangjun He [EMAIL PROTECTED] piše:
Hi,
I am using freeRADIUS 1.1.6.
And I use EAP-TLS and with correct certs. Even if I set wrong username
in Odessey Client, freeRADIUS will return
Terry Pelley a écrit :
FreeRADIUS Version 1.1.7 on Novell SLES10
The question is simple but I can't seem to find the answer to it so I
will apologize in advance.
Can some one tell me the format for entering the date in the
Expiration attribute?
I'm using the users file to authenticate
On Wed 27 Jun 2007, [EMAIL PROTECTED] wrote:
There is a redback dictionary included with freeradius (do locate redback
to find it). I would check that attributes they want to use are missing
before replacing it (you do have a file to replace it with?).
Additionally, if there are new RedBack
Hi everyone,
Thank you verry much for your help. If you have firewall or VPN problem
I will be more able to help you.
I made a find command for redback but it returned no result.
The same command for dictionary returned two results :
One in /etc/freeradius/dictionary
and one in
What freeradius version are you using? Try locate redback.
Ivan Kalik
Kalik Informatika ISP
Dana 27/6/2007, Thomas LAVIGNE [EMAIL PROTECTED] piše:
Hi everyone,
Thank you verry much for your help. If you have firewall or VPN problem
I will be more able to help you.
I made a find command for
Thomas LAVIGNE wrote:
I made a find command for redback but it returned no result.
Then you're not using a version of FreeRADIUS that was released in the
past 7 years. It's included a dictionary.redback for almost that long.
The same command for dictionary returned two results :
One in
There is a redback dictionary included with freeradius (do locate redback
to find it). I would check that attributes they want to use are missing
before replacing it (you do have a file to replace it with?).
Ivan Kalik
Kalik Informatika ISP
Dana 27/6/2007, Thomas LAVIGNE [EMAIL PROTECTED] piše:
Alan DeKok wrote:
Patric wrote:
I just want to clarify, if I set the reject_delay to 0, and in my
external script the only thing I do is exit(1);, then freeradius will
return a reject response to the NAS?
It will send a reject to the NAS.
Thanks Alan, you're an absolute gem!
Patrick
Alan DeKok wrote:
Patric wrote:
I just want to clarify, if I set the reject_delay to 0, and in my
external script the only thing I do is exit(1);, then freeradius will
return a reject response to the NAS?
It will send a reject to the NAS.
Sorry if Im flogging a dead horse here...
I
Hi,
Framed-Protocol = PPP
User-Name = [EMAIL PROTECTED]
User-Password = TestUser
NAS-Port-Type = Virtual
NAS-Port = 1010101010
NAS-Port-Id = x/x/x/xx.xxx
Connect-Info = AutoShapedVC
Service-Type = Framed-User
[EMAIL PROTECTED] wrote:
you have various other attributes in your real production system - perhaps
you have matching DEFAULT values (eg in users file) which are aiding the
access accept?
If that were the case, then wouldnt this eliminate the problem:
My radiusd.conf authorize section
As per my ramblings below, I ran the server in debug level 3, and one
can see that it is the correct DEFAULT entry that it is picking up :
rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx:1820, id=80,
length=139
Framed-Protocol = PPP
User-Name = [EMAIL PROTECTED]
Alan DeKok wrote:
It's a bug in 1.1.x. It's fixed in 2.0.0
Ah great, at least that explains it! I see the latest public release is
1.1.6, is 2.0.0 available perhaps in the cvs? Would you say it is stable
enough to run in production yet? If not any ETA?
Otherwise can you suggest any
Ah great, at least that explains it! I see the latest public release is
1.1.6, is 2.0.0 available perhaps in the cvs? Would you say it is stable
enough to run in production yet? If not any ETA?
See the main web page? It's all there...
It seems to be in the news section on all the pages
Patric wrote:
Ah great, at least that explains it! I see the latest public release is
1.1.6, is 2.0.0 available perhaps in the cvs? Would you say it is stable
enough to run in production yet? If not any ETA?
See the main web page? It's all there...
Otherwise can you suggest any previous
On Fri 18 May 2007, Patric wrote:
Alan DeKok wrote:
It's a bug in 1.1.x. It's fixed in 2.0.0
Ah great, at least that explains it! I see the latest public release is
1.1.6, is 2.0.0 available perhaps in the cvs? Would you say it is stable
enough to run in production yet? If not any ETA?
[EMAIL PROTECTED] wrote:
It seems to be in the news section on all the pages *except* the main one.
Your browser has cached the main page.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List
Alan DeKok wrote:
See the main web page? It's all there...
Read, and understood :] Out of curiosity I did compile the latest
snapshot, and I see that it is fixed, and even returns the correct
status based on what your external script returns (1 - rejected, 4 -
handled, 5 - invalid,
Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
It seems to be in the news section on all the pages *except* the main one.
Your browser has cached the main page.
Alan you're gonna give us all an inferiority complex if you continue to
be right all the time! ;]
Cheers
Patric wrote:
I am currently using exec to authenticate users through an external script.
When all criteria match I return the correct access-accept pairs and the
users authenticate successfully.
When the criteria are NOT met, I exit(1) my php script to hand control
back to the freeradius
Hi Alan,
Thanks for ur response.
Alan DeKok wrote:
Set reject_delay = 0 in radiusd.conf.
I just want to clarify, if I set the reject_delay to 0, and in my
external script the only thing I do is exit(1);, then freeradius will
return a reject response to the NAS? Or will it simply not
Patric wrote:
I just want to clarify, if I set the reject_delay to 0, and in my
external script the only thing I do is exit(1);, then freeradius will
return a reject response to the NAS?
It will send a reject to the NAS.
Or will it simply not respond?
Because the complaint my NAS
Windows 2000 is not supported, only windows XP
On 4/4/07, wenny wang [EMAIL PROTECTED] wrote:
Hi,
I need help/advise with te following scenario:
1. I have a freeradius server, this server is not part of Active Directory
Domain, server is able to perform ldapsearch for user account.
2. the
1) Microsoft LDAP isn't like normal ldap, you don't get access to the
password. To have freeradius touch the password at any point, it needs to
be on the domain and do a ntlm_auth instead of ldap.
On 4/4/07, wenny wang [EMAIL PROTECTED] wrote:
Hi,
I need help/advise with te following
WRIGHT Alan wrote:
However, there are some requirements.
1. Freeradius needs to proxy accounting to another server
2. Freeradius needs to provide an accounting response to the first
radius box, without waiting for a response from the proxied Server
Is this possible with Freeradius today?
There is a sql.conf file where you can alter user and group sql queries
if you don't want to use suggested sql schema.
Ivan Kalik
Kalik Informatika ISP
Dana 15/3/2007, Kelly Hamlin [EMAIL PROTECTED] piše:
I haven't yet downloaded Free Radius, but looks to be the solutions I'm
in search of. My
Ali Majdzadeh [EMAIL PROTECTED] wrote:
(As suggested by the template itself)
* *reply = pairmake (User-Name, root, T_OP_EQ);
pairadd (request-reply-vps, reply);
request-reply-code = PW_USER_NAME;
No, that last line is wrong. Completely and totally wrong. No
template or examples suggests
Hi
Ali,
Could
you let me know how did u capture the vendor specfic attributes in the
rlm_module ?
like
the one you have described earlier
getenv(USER_NAME) , getnev(Cisco_AVP) ?
Rgds,
Shankar ganesh
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On
Hi ShankarYes, of course.code:char USER_NAME[128];VALUE_PAIR *vp_iterator;vp_iterator = request-packet-vps;while (vp_iterator){ if (strcmp (vp_iterator-name, User-Name) == 0)
strcpy (USER_NAME, vp_iterator-strvalue); vp_iterator = vp_iterator-next;}This method also works for vendor specific
Hi againBy the way, the better approach to catch attributes' values is through the usage of the following function:vp_prints_value(char *out, int outlen, VALUE_PAIR *vp,int delimitst);RegardsAli
On 9/12/06, Ali Majdzadeh [EMAIL PROTECTED] wrote:
Hi ShankarYes, of course.code:char
Shankar Ganesh C [EMAIL PROTECTED] wrote:
Could you let me know how did u capture the vendor specfic attributes in the
rlm_module ?
Read the source code to rlm_files. VSA's are just normal
attributes. You can refer to them by name.
Alan DeKok.
--
http://deployingradius.com - The
Ali Majdzadeh [EMAIL PROTECTED] wrote:
What is(are) the coresponding function pointer(s) for start and stop packets
in an rlm module? (Something like xxx_authenticate)
The accounting sections handle accounting packets.
Alan DeKok.
--
http://deployingradius.com - The web site of the
Ali Majdzadeh [EMAIL PROTECTED] wrote:
Is it possible to catch Multiple-valued attributes through a C program?
I can fetch, for example, User-Name attribute by calling USER_NAME = getenv
(USER_NAME);
but how should I fetch something like Cisco-AVPair?
You don't. You write a module in the
Hi Alan
Thanks for your help.
Best RegardsOn 9/7/06, Alan DeKok [EMAIL PROTECTED] wrote:
Ali Majdzadeh [EMAIL PROTECTED] wrote: Is it possible to catch Multiple-valued attributes through a C program? I can fetch, for example, User-Name attribute by calling USER_NAME = getenv
(USER_NAME); but how
Ali Majdzadeh [EMAIL PROTECTED] wrote:
I am writing a C program as an external program for freeradius to handle
authentication requests recieved from a Cisco VoIP router.
How can I pack attribute-value pairs and send them to the router?
scripts/exec-program-wait
Just print the attributes
/etc/raddb/users[154]: Syntax error: Previous line is missing a trailing
comma for entry DEFAULT
Basically, it is something in the config file, but is there a way to locate
the error in this configuration file?
How could this message be any more clear? What do you *think* you have to
chack,
To: FreeRadius users mailing list
Subject: Re: question about an output
/etc/raddb/users[154]: Syntax error: Previous line is missing a trailing
comma for entry DEFAULT
Basically, it is something in the config file, but is there a way to locate
the error in this configuration file?
How could
Scott Hughes wrote:
Does Freeradius have the ability to use multiple nodes in similar
fashion to name servers? An example of this would be a situation when
the master freeradius server is down for some reason, but the slave
freeradius server(s) continue to grant deny access but do not
it.
Thanks again!
Scott
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
On Behalf Of Dennis Skinner
Sent: Tuesday, August 08, 2006 12:58 PM
To: FreeRadius users mailing list
Subject: Re: Question
Scott Hughes wrote:
Does Freeradius have the ability to use multiple nodes
Hi Alan
Thanks for your attentio.
By the way, I recently read about NOREALM attribute. I think I should make use of this and specify the servers which I want to treat requests without realms, am I right?
Best Regards
Ali
On 8/6/06, Alan DeKok [EMAIL PROTECTED] wrote:
Ali Majdzadeh [EMAIL
Ali Majdzadeh [EMAIL PROTECTED] wrote:
Is it possible to configure a forwarding RADIUS server to broadcast a
request to all remote RADIUS servers? (I mean, without paying attention to
athentication realms)
No.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
[EMAIL PROTECTED] wrote:
I've setup a Freeradius box that I'm trying to proxy to an IAS box.
However, I would like all requests that need to be proxied to use
ms-chapv2 to 'talk' to the IAS box. Is this possible=3F
Yes.
DEFAULT MS-CHAP-Challenge =* 0x00, Proxy-To-Realm := foo
Alan
Where does this go? Users?
-Original Message-
From:
[EMAIL PROTECTED]
g
[mailto:[EMAIL PROTECTED]
adius.org] On Behalf Of Alan DeKok
Sent: Tuesday, August 01, 2006 10:39 AM
To: FreeRadius users mailing list
Subject: Re: Question regarding proxying.
[EMAIL PROTECTED] wrote:
I've setup
Hi,
# First setup all accounts to be checked against the UNIX /etc/passwd.
# (Unless a password was already given earlier in this file).
#
DEFAULT Auth-Type = Radius
Fall-Through = 1
thats going to cause huge amounts of pain for you (and others who read this)
simply
delete this
Chad Stanphill wrote:
I have been running Freeradius for a while but It can only use CHAP and
for some reason I can not get PAP to work.
I have the config set to the basic on most things.
Can anyone help me figure out if I am missing something
Thanks
Please run freeradius in debug mode
Howlett [EMAIL PROTECTED]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Wednesday, April 12, 2006 10:38 AM
Subject: Re: Question
Chad Stanphill wrote:
I have been running Freeradius for a while but It can only use CHAP and
for some reason I can not get PAP
Hi,
modcall: leaving group authorize (returns ok) for request 0
rad_check_password: Found Auth-Type System
auth: type System
try removing the default System authentication method from your
users file.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Chad Stanphill [EMAIL PROTECTED] wrote:
users: Matched entry DEFAULT at line 154
users: Matched entry chadstanphill at line 217
modcall[authorize]: module files returns ok for request 0
Is the users password defined in line 217?
rad_check_password: Found Auth-Type System
On 4/12/06, [EMAIL PROTECTED] [EMAIL PROTECTED]
wrote:Hi, modcall: leaving group authorize (returns ok) for request 0
rad_check_password:Found Auth-Type System auth: type Systemtry removing the default System authentication method from yourusers file.alanWorking now!
i changed system to radius
Silpa Akkina [EMAIL PROTECTED] wrote:
serveri think all i can get is debug with seconds resolution...but for
my
project i have to take milli seconds readingsplease help!
Edit the source code.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Terry Zarelli [EMAIL PROTECTED] wrote:
A list is maintained to correlate EAP-Response
packets with EAP-Request packets. After a
configurable length of time, entries in the list
expire, and are deleted.
timer_expire =3D 60
An EAP conversation spans multiple RADIUS packets. So
This may seem off topic, but here it is:
I am currently using Freeradius 1.1.0 on Solaris 9 to authenticate WPAenabled clients using EAP-TLS. I am using Cisco 1130 AG access points controlled by a Cisco/Airespace 2000 Wireless Controller using the LWAPP protocol. I have just recently installed
Terry Zarelli wrote:
Hello,
I have a question about a configuration entry in the eap.conf file.
Why did you think posting the same identical question twice, 24 hours
apart, would help?
See Alans reply. Leave it alone.
-
List info/subscribe/unsubscribe? See
I apologize, it appeared that my first post did not show up on the list. Sorry
On 3/17/06, Phil Mayers [EMAIL PROTECTED] wrote:
Terry Zarelli wrote: Hello, I have a question about a configuration entry in the eap.conf
file.Why did you think posting the same identical question twice, 24
Will Saxon [EMAIL PROTECTED] wrote:
Is it possible to have FreeRADIUS check a separate user database to
provide the additional attributes?
Like the users file?
It seems like I could write a script
to take the username, perform some database queries and return the
appropriate information,
Replying to my own post...
On Thu, 2006-03-16 at 11:25 -0500, Will Saxon wrote:
Is it possible to have FreeRADIUS check a separate user database to
provide the additional attributes? It seems like I could write a script
to take the username, perform some database queries and return the
Robert Myers [EMAIL PROTECTED] wrote:
If I authenticate via LDAP or some other mechanism, I can authorize via
the sql tables?
Yes. All of the modules are completely independent of each other.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
So let me ask you this, this allows me to set specific replies for each
user.
How would I go about setting replies for groups of users, when I don't
know the specific usernames? Like if I'd want to assign a specific
reply based on an LDAP group?
-Bob
Alan DeKok wrote:
Robert Myers [EMAIL
Robert Myers [EMAIL PROTECTED] wrote:
How would I go about setting replies for groups of users, when I don't
know the specific usernames? Like if I'd want to assign a specific
reply based on an LDAP group?
You would read the documentation for the LDAP module, and see how to
use LDAP
The documentation is how I found out what questions to ask. :)
Thanks for the point in the right direction.
-Bob
Alan DeKok wrote:
Robert Myers [EMAIL PROTECTED] wrote:
How would I go about setting replies for groups of users, when I don't
know the specific usernames? Like if I'd want to
San [EMAIL PROTECTED] wrote:
1. How do we start the session? I have send the
request to the server and got access_accepted.
What program is sending the request?
I use this command to send acct_request
echo User-Name= Anna| radclient 10.1.0.76 acct -x
testing123
Is that right? or is there
Qin Zhen wrote:
i couldn't figure out what does the change intend to do, is it to
filter out '*', '\\', '()' and '=' from username? and why should it
be in that way? please help me. thanks a lot in advance.
The function ldap_escape_func() filters all LDAP-specific characters
from RFC 2254.
invalid charactors r just simply eliminated? scratching head...pls
assist..thanks so much
- Original Message -
From: Nicolas Baradakis [EMAIL PROTECTED]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Wednesday, December 07, 2005 6:51 PM
Subject: Re
Qin Zhen wrote:
so in lastest version (1.0.5), a username 'jam\' will be converted into
'jam\5c' and ldapsearch will be based on 'jam\5c' right? so this username
is supposed not to be found in ldap in this case?
but how come in my server, the ldapsearch will base on 'jam' and those
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Nicolas Baradakis
Sent: 07 December 2005 13:18
To: FreeRadius users mailing list
Subject: Re: question on ldap_escape_func in rlm_ldap.c
Qin Zhen wrote:
so in lastest version (1.0.5), a username 'jam
]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Wednesday, December 07, 2005 9:17 PM
Subject: Re: question on ldap_escape_func in rlm_ldap.c
Qin Zhen wrote:
so in lastest version (1.0.5), a username 'jam\' will be converted into
'jam\5c' and ldapsearch will be based on 'jam
Qin Zhen wrote:
when i trys to login with username 'james*', ldap_escape_fun acctually
converts it into 'james\2a\2a\2a\2a\2a\2a...', but the radius debug mode
still shows
Debug: rlm_ldap:performing search in dc=sg, o=company, with filter
(objectclass=radiusprofile)(userlogin=james))
that
Linda Pagillo [EMAIL PROTECTED] wrote:
I have upgraded my freeradius from version 0.9.3 to the newest version.
Is it safe to delete all of the files from the 0.9.3 version such as the
.lib, .lib.so and .a files? Thanks!
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Thank you, sir!
- Original Message -
From: Alan DeKok [EMAIL PROTECTED]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Wednesday, November 23, 2005 3:28 PM
Subject: Re: Question about deleting old files
Linda Pagillo [EMAIL PROTECTED] wrote:
I have
Alan DeKok wrote:
Linda Pagillo [EMAIL PROTECTED] wrote:
I have upgraded my freeradius from version 0.9.3 to the newest version.
Is it safe to delete all of the files from the 0.9.3 version such as the
.lib, .lib.so and .a files? Thanks!
Yes.
Alan DeKok.
-
Use package management
Thanks!
- Original Message -
From: Joe Maimon [EMAIL PROTECTED]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Wednesday, November 23, 2005 3:42 PM
Subject: Re: Question about deleting old files
Alan DeKok wrote:
Linda Pagillo [EMAIL PROTECTED] wrote
Lisa Casey [EMAIL PROTECTED] wrote:
With FreeRadius 1.01 on FreeBSD 5.3, is there any way of logging all
authentication requests to radius.log EXCEPT requests from a particular
username?
Or alternatively, log all authentication requests EXCEPT those from a
particular client (this would
Hi, Cheng.
maybe you can check the proposed patch for current CVS version if you find some time:
http://bugs.freeradius.org/show_bug.cgi?id=287
It avoids the digest module configuration option given earlier (in the FreeRADIUS 1.0.5 patch), and uses the MD5-Password attribute to store
201 - 300 of 346 matches
Mail list logo