I've figured this out. For the sake of the list archives:
If you are sending your return attributes from LDAP you must prefix them
in LDAP with +=.
I don't know why it wasn't working before I sent the original email to the
list, but it's working now.
--JST
* J. S. Townsley [Fri, 26 Sep 2003
Kostas Kaleveras wrote an email on this list a few months ago to help
someone with returning multiple attributes in an LDAP authenticated radius
installation.
http://www.mail-archive.com/[EMAIL PROTECTED]/msg15855.html
I am in this same spot, but do not userstand where I should be changing to
I don't mean to double post (well, I do..), nobody has any insight as to
why freeradius is misbehaving in the manner below?
I have a script that does some very simple if statements in the sh shell.
My script exits 0 or 1 for good auth/bad auth; but FR (current cvs)
authenticates my user
PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Exec-Program-Wait anyone?
J. S. Townsley [EMAIL PROTECTED] wrote:
Just for my own learning experience... can you show me the fault(s) in the
code? I reviewed everything and it looked good.
See src/main/auth.c
Greetings list-members.
I have a script that does some very simple if statements in the sh shell.
My script exits 0 or 1 for good auth/bad auth; but FR (current cvs)
authenticates my user regardless.
I have files in the authorize and preacct stanzas of radiusd.conf.
Here's a snippet of my
?
J. S. Townsley wrote:
Anyone on the list ever hacked something up to create hunt groups based on
calledstationid?
I have a situation where I have a NAS with a couple different DID's on it.
I'd like an easy method to differentiate between users on these DID's.
IE, user bob can dial
Anyone on the list ever hacked something up to create hunt groups based on
calledstationid?
I have a situation where I have a NAS with a couple different DID's on it.
I'd like an easy method to differentiate between users on these DID's.
IE, user bob can dial the local XXX number, but not the
Do something like this:
Define your ldap blocks:
ldap FOO{
...
}
ldap FOO2{
...
}
Then do your authtype:
authtype LDAP {
FOO
FOO2
}
Actually, you may want to make
.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
___
J. S. Townsley Senior Network and Systems Engineer
[EMAIL PROTECTED] Integrity Online
-
List info
I'd just like to get a feel for how all of you are doing your accounting.
I need an accurate accounting method so that I can watch my users sessions
more closely when they are reaching peak usage on some of my networks.
I've always used SQL for this, but I have more and more sessions with
ideas?
Dave
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
___
J. S. Townsley Senior Network and Systems Engineer
[EMAIL PROTECTED] Integrity Online
-
List
lower_user is working.
lower_pass is not.
under recent cvs.
reproduced under .4 stable release.
lower_pass works with config value of 'before'. I am using 'after'.
Anyone else seeing this problem?
--JST
-
List info/subscribe/unsubscribe? See
I have three radius servers all with identical configuration files.
I use Ascend-Data-Filter to send an access list back to my users, I do
this via the default_profile setting in the ldap {} block.
This has been working in previous versions, and still works on one of my
servers:
radiusd:
Kalevras [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: ldap default profile not working in recent cvs?
On Wed, 20 Feb 2002, J. S. Townsley wrote:
I have three radius servers all with identical configuration files.
I use Ascend-Data-Filter to send
for authenticating those users via CHAP requests?
I've seen modules for other radius servers to handle these kinds of
requests, but not finding much for FreeRadius.
Thanks much, in advance.
--JST
___
J. S. Townsley Senior Network
I'm working through my last couple bugs before deploying freeradius on my
networks. I found this morning that Ascend NAS boxes are not reporting
Acct-Session-Time like my portmasters and cisco nas boxes do.
Has anyone seen this before? I'm getting rlm_sql errors on trying to
update a record
Greetings list members.
I am testing free radius currently and have a couple questions.
I use the LDAP module for authentication. I have two realms, each on
separate DN's. How can I have two separate ldap configurations?
It would be neat to be able to specify ldap_realma { binddn= etc..}
___
J. S. Townsley Senior Network and Systems Engineer
[EMAIL PROTECTED] Integrity Online
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
18 matches
Mail list logo