Hi all:
Still havening some issues running free radius on Ubuntu.
[EMAIL PROTECTED]:/sbin# free radius -v
free radius: free radius Version 1.0.2, for host , built on Aug 6 2006
at 20:11:24
Copyright (C) 2000-2003 The free radius server project.
Now I understand that I have to do the
hi
is it possible to have multiple password header definition in an ldap
section
( because we have differents encryption in our ldap directory )
thanks
basile
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hey freeRADIUS users,
now it looks much better:
configure: WARNING: silently not building rlm_counter.
configure: WARNING: FAILURE: rlm_counter requires: libgdbm.
configure: WARNING: silently not building rlm_ippool.
configure: WARNING: FAILURE: rlm_ippool requires: libgdbm.
configure:
I am beginning in Radius. Somebody possesss one how you to install
freeradius and ldap.
Thanks,
Dagoberto Carvalio Junior
--
Dagoberto Carvalio Junior - CCNA/CCAI/FCPF/FCPM/SCS
Analista de Sistemas
Instituto de Ciencias Matematicas
are your
I think that I need the ldap module für the active directory request,
do I
also need the krb5 module?
are you trying to do ad authentication?
if so you don't need ldap module, i needed: winbind,
samba, krb5.conf(don't know to which package it belongs),auth_ntlm(again
don't know
On Tue, Nov 07, 2006 at 08:57:43AM +, Cameron Cowie said:
Why does the /var/run/freeradius directory disapear after a reboot? Am I
missing something here?
Ubuntu does this.
Am I writing to the right group is this a Freeradius issue or and Ubuntu
issue, and if it is a ubuntu issue
-Original Message-
Date: Tue, 7 Nov 2006 11:37:49 +0100 (CET)
From: Michael Messner [EMAIL PROTECTED]
Subject: freeRADIUS on Solaris 10 - x86
To: freeradius-users@lists.freeradius.org
Message-ID: [EMAIL PROTECTED]
Content-Type: text/plain; charset=iso-8859-1
hey freeRADIUS
I need to boot users at one property after a specified time period.
We have adjusted the max-daily-session to 1800 (30 minutes),
but users still seem to be staying on. Can someone point me in the
right direction. The NAS is a Colubris cn3000.
The other attribute we have that may apply is
Alan DeKok [EMAIL PROTECTED] wrote:
The TLS module wasn't built because you don't
have
OpenSSL
installed. (Or you're running debian). Install
OpenSSL, then
re-build and re-install the server.
Thanks Alan. You are right, I am running
Debian(Ubuntu). I checked and OpenSSL is
Mike May
[EMAIL PROTECTED] wrote:
Hello everyone, is it
possible to have NAS entries for a subnet, if so
could someone give me
an example
raddb/clients.conf
Alan DeKok.
--
http://deployingradius.com
- The web site of the book
http://deployingradius.com/blog/
- The
Hello,
i have a problem with chained ca certificats and eap/tls.
my former setup was with simple selfsigned certificates and everything
went perfect,
but now i have to change the setup for the certificates to a third party ca,
they use a root ca and a signing ca signed by the root ca,
this
Chad Best wrote:
OpenSSL and Freeradius have both been installed with
the Synaptic package manager. Is there anything
else
I can do? Any help would be greatly appreciated.
You could build a Debian package from sources. The wiki explains how
to do that.
http://wiki.freeradius.org/Build
Chad Best [EMAIL PROTECTED] wrote:
OpenSSL and Freeradius have both been installed with
the Synaptic package manager. Is there anything
else
I can do? Any help would be greatly appreciated.
See the wiki. Debian is covered there.
Alan DeKok.
--
http://deployingradius.com -
Eric Faden wrote:
users: Matched entry DEFAULT at line 152
rad_check_password: Found Auth-Type System
auth: type System
ERROR: Unknown value specified for Auth-Type. Cannot perform
That error seems pretty telling. Don't set the Auth-Type. If you
didn't do it in LDAP, check around
Thank you
As it turns out , there were a couple of little things wrong with the
radius set up - SSL being the worst,
but the chillispot wasn't set up correctly - and I assumed that it was
cause it worked for the other server.
That's what I get for assuming...so now I am doing a little bit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hey Michael,
King, Michael schrieb:
I'm Interpreting your question a little
Please correct the question if I've got it wrong.
You want to user's to be able to have network connectivity at the logon
prompt, so they're username/password is
Hi...
I need to do multiple ldap lookups (2).. The
purpose of both the ldaps are different so it does not
abide with configurable_failover scenario in a way.
ldap1.
This ldap is solely used for authentication for
given user.
ldap2.
This ldap is solely used for checking ldap attribute
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module preprocess returns ok for request 0
radius_xlat: '/var/log/freeradius/radacct/10.10.200.3/auth-detail-20061107'
rlm_detail:
/var/log/freeradius/radacct/%{Client-IP-Address}/auth
Nicolas Baradakis [EMAIL PROTECTED] wrote:
You could build a Debian package from sources. The
wiki explains how
to do that.
http://wiki.freeradius.org/Build
OK, I will do that. Thanks for the advice. Will I
need to do anything with OpenSSL.
-
List info/subscribe/unsubscribe? See
If(authentication in ldap1 success) {
Use ldap1 in the authenticate stage of radiusd.conf
if(productCode attribute exists in ldap2 success) {
Use ldap2 in the authorize stage of radiusd.conf
Authorize is performed first in FreeRadius (you show authenticate
First), but it shouldn't
Thanks so much Neal. You got it 95% right. The problem
is FreeRadius always authorize first (no matter what
the order in radiusd.conf) and then authenticate.
authorize {
.
.
.
ldap2
}
authenticate {
.
.
.
ldap1
}
So if the user fails in
hey,
I've got Cisco-AVPair for an ldap.attrmap entry and it works ...but
unfortunately only for the first occurence of that attribute from the
LDAP schema (it will pick the first in the schema). How do I map and
return four Cisco-AVPair entries? Is there a particular multiline
separator that I
Peter Param [EMAIL PROTECTED] wrote:
I've got Cisco-AVPair for an ldap.attrmap entry and it works ...but
unfortunately only for the first occurence of that attribute from the
LDAP schema (it will pick the first in the schema). How do I map and
return four Cisco-AVPair entries? Is there a
Eric Martell [EMAIL PROTECTED] wrote:
Thanks so much Neal. You got it 95% right. The problem
is FreeRadius always authorize first (no matter what
the order in radiusd.conf) and then authenticate.
Yes, that's how the server works.
(This authorize should break the sequence and
return
basile [EMAIL PROTECTED] wrote:
is it possible to have multiple password header definition in an ldap
section
( because we have differents encryption in our ldap directory )
Yes, but it's awkward. The CVS head has better support for this.
Alan DeKok.
--
http://deployingradius.com
Andrew Long [EMAIL PROTECTED] wrote:
I need to boot users at one property after a specified time period.
We have adjusted the max-daily-session to 1800 (30 minutes),
but users still seem to be staying on. Can someone point me in the
right direction. The NAS is a Colubris cn3000.
Why use
Mike May [EMAIL PROTECTED] wrote:
After the authn I set some authz like Cisco-AVPair =
priv-lvl=15 used by Cisco routers and switches for network engineers who
live in the proper LDAP group, here is where the problem is. PIX firewalls
do not like me setting the priv lvl, and the reason is
Angel L. Mateo [EMAIL PROTECTED] wrote:
But now I want to send all the logs for requests from a group of
clients (defined as a huntgroup) to the same files, and the request for
all other clients as now (classified with the IP address of the client).
Is there any way to redefine this
Eric Faden [EMAIL PROTECTED] wrote:
Alright. I unset all of the Auth-Types in users and it is getting
closer, but not there yet. Here is the new output. It is getting the
correct NT-Passwords, but doesn't actually seem to test them.
Because Auth-Type is Local, not PAP. The CVS head
Alexander Serkin [EMAIL PROTECTED] wrote:
We have strange behaviour on sparc solaris 10 server with fr-1.1.3
installed:
without any visible reason the radiusd process goes to almost 100% CPU
usage for 3-5 minutes. Then it comes back to normal state again (less
than 1% CPU).
Yuck. I
Andrew Long wrote:
I need to boot users at one property after a specified time period.
We have adjusted the max-daily-session to 1800 (30 minutes),
but users still seem to be staying on. Can someone point me in the
right direction. The NAS is a Colubris cn3000.
The other attribute we have that
Andrew Long [EMAIL PROTECTED] wrote:
I need to boot users at one property after a specified time period.
We have adjusted the max-daily-session to 1800 (30 minutes),
but users still seem to be staying on. Can someone point me in the
right direction. The NAS is a Colubris cn3000.
Why use
And how exactly would I do all of that? I know how to set the AuthType
to nt-pap, but am not sure exactly what to do with the other two.
-Eric
Alan DeKok wrote:
Eric Faden [EMAIL PROTECTED] wrote:
Alright. I unset all of the Auth-Types in users and it is getting
closer, but not there
33 matches
Mail list logo