No
You need to read the manual from your nas / device you are trying to send a
coa or disconnect to about what it expects in the message as I said before.
It's nothing to do with freeradius and everything about how you talk to
your nas.
Error-Cause = Missing-Attribute
Says everything in my
Go back and read the manual from your nas provider as they should tell you
what attributes they need in the coa payload.
On 23/07/2013 4:50 PM, Muhammad Nadeem mnadeem8...@gmail.com wrote:
hi everybody,,
I wanna implement COA (Change Of Authorization) in freeradius. I have a
live session of a
You shouldn't have quotes around your username or domain. You should use
identity = cn=user,ou=people,dc=domain,dc=it
On 19/07/2013 7:05 PM, Marco Aresu marcoar...@gmail.com wrote:
Hi All,
i am new about FreeRadius. I am moving from Cisco ACS Tacacs to
FreeRadius. During LDAP configuration i
On Wed, Jul 10, 2013 at 6:34 PM, Olivier Beytrison
oliv...@heliosnet.org wrote:
On 10.07.2013 07:48, Olivier Beytrison wrote:
if ( ADSL-Agent-Remote-Id =~ /(.{0,31})$/ ) {
if ( ADSL-Agent-Remote-Id =~ /(.{1,32})$/ ) {
that's even better as it won't match an empty attribute (you never know
On Sat, Jul 13, 2013 at 11:36 AM, Arran Cudbard-Bell
a.cudba...@freeradius.org wrote:
On 13 Jul 2013, at 00:14, Peter Lambrechtsen pe...@crypt.co.nz wrote:
On Wed, Jul 10, 2013 at 6:34 PM, Olivier Beytrison
oliv...@heliosnet.org wrote:
On 10.07.2013 07:48, Olivier Beytrison wrote:
if ( ADSL
I've been looking at the options and it looks like the easiest will be
to use perl or similar external module as it can't be done easily in
FR 2.2.x
For our subscriber authentication we use in certain situations the
ADSL Remote ID as the Subscriber ID on the NAS.
The issue with this is the
On Mon, May 20, 2013 at 5:13 AM, Arran Cudbard-Bell
a.cudba...@freeradius.org wrote:
On 19 May 2013, at 12:47, Nasser Heidari nas...@rasana.net wrote:
Hi,
I have several Perl modules running on my Radius server, I'm going to remove
them all and use unlang instead. I have two questions:
Why does auth_log return fail?
On May 4, 2013 8:04 PM, larry tembu larryte...@yahoo.com wrote:
Hi Freeradius users,
i have FR freeradius-2.2.0-0.fc17.i686 set up on fedora 17 machine. the
wimax clients are supplying EAPttls Mschapv2 for authentication. a few
weeks ago, the configuration was
On Mon, Apr 29, 2013 at 12:14 AM, Alan DeKok al...@deployingradius.com wrote:
Juan Pablo L. wrote:
Alan, can you please extend a little bot more ... what do you mean that
you see the correct value i see value f3 08 48 12 when i m
actually expecting 0001 . i really dont see where
It would depend on your NAS. What does the manual of the NAS say? The
maximum number is the unsigned 32bit integer max of 4billion which is just
a few years ;) so I don't really expect you want that.
On Apr 27, 2013 10:06 AM, David Peterson dav...@wirelessconnections.net
wrote:
What is the
The dictionary.3gpp2 seems to have the VSA Attributes you're looking for.
If you're saying that VSA 91 should have subtypes, then you should
look at TLVs in the definition.
ATTRIBUTE 3GPP2-Prepaid-acct-Capability 91 octets
If you have a look in dictionary.dhcp under VSA 82
On Thu, Apr 18, 2013 at 11:35 PM, Matthew Newton m...@leicester.ac.uk wrote:
On Thu, Apr 18, 2013 at 05:52:16PM +1200, Peter Lambrechtsen wrote:
When I setup the post-auth policy to send a update disconnect it works fine
if the response is an access accept. But if I update the control to access
I think I may be doing something wrong but perhaps it is working as
designed.
When I setup the post-auth policy to send a update disconnect it works fine
if the response is an access accept. But if I update the control to access
reject the disconnect module gives me a noop.
Is this supposed to
A question for Alan, or others on the list.
There is the FR LDAP Schema LDIF file to import FreeRadius related schema
into your LDAP directory.
Searching around it seems that OID 1.3.6.1.4.1.3317.4.3.1 up to 68 is
allocated.
http://permalink.gmane.org/gmane.comp.freeradius.devel/6134
Who owns
On Tue, Mar 13, 2012 at 2:18 PM, Alan DeKok al...@deployingradius.comwrote:
Shreya Shah wrote:
Hi,
Is it possible to get the detail file under radacct in .CSV or text
format ?
No. The detail file has a fixed format, which isn't CSV. If you
change it to CSV, then it's no longer the
I was trying to get linelog to log a CSV style log file with the Access
Accept and Reject messages for auditing purposes.
Took a while to see that the Access-Reject verb doesn't work in the
modules/linelog file, it only ever uses the Access-Request since all the
requests are Access-Request
On Thu, Dec 22, 2011 at 3:08 PM, jeissonfabian...@gmail.com wrote:
Yeah,
I found a lot of problems with JRadius, and tried TinyRadius, it's easy!
And It didn't present any problem.
Thanks!
I use this BeanShell script (www.beanshell.org) which allows for Java code
to be executed from the
Tiny Radius works well as well I find.
On Thu, Dec 22, 2011 at 3:27 AM, Jeisson Fabian Perez Rodriguez
jeissonfabian...@gmail.com wrote:
umm Yeah,
I've been trying that.
But now I found another problem! :(
When I run the application, appears this:
log4j:WARN No appenders could be found
Attached is a minor patch to include support for BASE64_MD5 encoded
passwords in a LDAP directory (or anywhere else it may be, as the pap
module does the authenticate).
In ldap the record would look like:
userPassword: {BASE64_MD5}/F4DjTilcDIIVEHn/nAQsA==
If the password was helloworld
Running Free Radius 2.1.7 against a Novell eDirectory LDAP Database.
We're using Dynamic Clients for approx 1200 NAS element devices and looking
up the Elements in our LDAP database.
Even though we have ldap_connections_number = 50 in the modules/ldap we have
issues with the dynamic clients. We
On Mon, Aug 15, 2011 at 3:05 PM, Alan DeKok al...@deployingradius.comwrote:
Each element sends a heartbeat packet to FR once a second to make sure
it's still alive which we capture very early on in the authorize second
and send a reject.
That's a REALLY bad idea. See RFC 2865 for why
I find the easist way to do it is to use a custom users file to allow /
prevent access based on exact matches of LDAP attributes.
then you can say if STAFF = Accept, if STAFF OFFSITE Accept, otherwise
reject.
This is how we do it here:
Any attributes are supported by FreeRadius. They are vendor specified
attributes.
It sounds like you would need a backend database of some sort to manage this
all. But you would probably need the dictionary file from whoever the
vendor is, and figure out how you are going to issue the IP
You can use TinyRadius with JMeter to bulk load queries.
There are a number of different radius client tools you can use.
On Sat, Feb 5, 2011 at 1:30 PM, Gregor Bruhin g...@11g.ch wrote:
Hi,
I'm currently playing around with freeradius to implement a two-way
authentication using smsotp.
You may have the same problem as we did with how UNIT4 was defined.
http://lists.freeradius.org/pipermail/freeradius-users/2010-September/msg00637.html
In the radius.h
-typedef unsigned long UINT4;
+typedef uint32_t UINT4;
Cheers
Peter
On Mon, Jan 31, 2011 at 2:07 PM, vijay s sheelavantar
On Fri, Jan 21, 2011 at 10:33 PM, Alan Buxey a.l.m.bu...@lboro.ac.ukwrote:
2) Issuing client certs isn't that difficult.� with windows vista/7,
installing a cert is a simple double-click operation, so if they have
a
usb flash, you can use linux to zip a copy of their private key
In short no, not easily if you wanted to have dynamic groups and specific
VSA's per groups.
The users file is the best place to put the VSA's you want to return back.
I suggest you read:
http://lists.freeradius.org/pipermail/freeradius-users/2010-October/msg00058.html
As that should answer most
On Sat, Dec 11, 2010 at 3:59 AM, Gary Gatten ggat...@waddell.com wrote:
Look in the configure script, or maybe try ./configure --help. Else the
config options are probably listed in one of the readme's.
Yes it's a configure switch when you compile FR.
I would assume that since it's a
You may need to comment out the logintime and pap sections, since this isn't
a pap authentication.
It seems like the password is being correctly extracted out of eDirectory
using Universal Password, but are you sure that's properly configured in the
build version of FreeRadius?
On Fri, Dec 10,
It's important that FreeRadius was built with the --with-edir switch for
Universal Password to properly work.
On Fri, Dec 10, 2010 at 11:48 AM, Peter Lambrechtsen
plambrecht...@gmail.com wrote:
You may need to comment out the logintime and pap sections, since this
isn't a pap authentication
On Fri, Dec 3, 2010 at 7:24 AM, Garber, Neal
neal.gar...@iberdrolausa.comwrote:
so it would need to be set per IP address or range only for
the limits so that the other users in AD can be used for that
Have you thought about using huntgroups to group your NAS together and then
authorize
Have a read through this thread, you will need to setup Group authentication
in LDAP (or us a specific LDAP Attribute to allow or prevent access).
http://lists.freeradius.org/pipermail/freeradius-users/2010-October/msg00058.html
On Wed, Nov 17, 2010 at 1:55 AM, eduardo moreira
It's probably since you didn't compile OpenLDAP and FreeRadius with OpenSSL
support.
So you will need to recompile OpenLDAP, Cyrus SASL, OpenLDAP and FreeRadius.
On Tue, Nov 2, 2010 at 6:14 AM, eduardo moreira
eduardomoreir...@gmail.comwrote:
Hello list,
Im new with freeradius, but read many
Have a read through these posts.
http://lists.freeradius.org/pipermail/freeradius-users/2010-October/msg00058.html
On Tue, Nov 2, 2010 at 2:10 PM, Hugh Blandford h...@island.net.au wrote:
Dear All,
I have been experimenting with using FreeRADIUS and LDAP, trying to get
some understanding of
Dynamic Clients would only apply to the NAS's (ie the WNR834v2 Access
Points) and not the workstations connecting to the APs. As the Workstations
/ users would just be users.
So either you allow anyone from the internet (or restrict it down to certain
IP addresses which the Mobile Provider
On Fri, Oct 29, 2010 at 4:33 PM, Tyler Nally tna...@technally.com wrote:
Right... Ok.. so are these different traveling mobile offices in
documentation of what is called a VLAN (with a dynamic IP to the internet
side of the router that in turn hands out IP's to it's clients) ?
The traveling
On Wed, Oct 6, 2010 at 6:35 PM, Alan DeKok al...@deployingradius.comwrote:
Peter Lambrechtsen wrote:
I'm trying to setup my dynamic clients and specify a nas-type.
In my dynamic-clients I have:
...
Then in my sites-enabled/default in the authorize section I have:
A completely
Following on from my previous post on Centralised LDAP Auth post:
http://lists.freeradius.org/pipermail/freeradius-users/2010-September/msg00393.html
I've found that using dynamic-clients gives me a few advantages over using
huntgroups.
1) Dynamic Clients allows you to have per-NAS shared
Read the sites-available/dynamic-clients and you can base all your dynamic
shared secret's based on the IP address of the NAS.
Assuming you are talking about having dynamic NAS's (Radius Clients) vs
Dynamic 802.1x workstations connecting to a static list of NAS's or
switches. Using IP address
I'm trying to setup my dynamic clients and specify a nas-type.
In my dynamic-clients I have:
server dynamic_client_server {
authorize {
FreeRADIUS-Client-Shortname = Cisco
FreeRADIUS-Client-NAS-Type = other
...
Then in my sites-enabled/default in the authorize
You should do something like:
DEFAULT Group == enabled, Auth-Type := System
# And the last line in your users file have:
DEFAULT Auth-Type := Reject
That way if it doesn't match to anything, return reject.
On Thu, Sep 30, 2010 at 8:31 AM, Sid Stuart s...@meez.com wrote:
We would like to
...@deployingradius.comwrote:
Peter Lambrechtsen wrote:
It seems around like 734 in pam_radius_auth.c:
if ((hp = gethostbyname(hostname)) == (struct hostent *) NULL) {
ipaddr = 0x;/* no client IP address */
} else {
ipaddr = ntohl(*(UINT4 *) hp-h_addr); /* use
If he is using LDAP then my prior post about the howto would work for him:
https://lists.freeradius.org/pipermail/freeradius-users/2010-September/msg00393.html
On Mon, Sep 27, 2010 at 6:48 AM, Phil Mayers p.may...@imperial.ac.ukwrote:
On 09/26/2010 11:47 AM, Cameron Wood wrote:
I'm still
. There is only one NAS and the Mac OS X
Server runs a standalone OpenDirectory Master so I don't need any huntgroups
then?
On 24 sep 2010, at 05:42,
freeradius-users-requ...@lists.freeradius.orgwrote:
Date: Fri, 24 Sep 2010 08:02:38 +1200
From: Peter Lambrechtsen plambrecht...@gmail.com
In the users file is where you specify the reply attributes in my example.
So using your example:
DEFAULT Huntgroup-Name == CiscoVPN, Ldap-Group ==
cn=CiscoVPN,ou=Roles,ou=Radius,DC=ACME,DC=COM
Service-Type = NAS-Prompt-User,
Idle-Timeout = 600,
Cisco-AVPair =
On Wed, Sep 22, 2010 at 6:06 PM, Alan DeKok al...@deployingradius.comwrote:
Any suggestions on what to do with gdb or to debug this problem??
$ gdb --args ./pamtester jpam peter authenticate
(gdb) run
(gdb) bt
This is what I get back:
(gdb) run
Starting program:
On Wed, Sep 22, 2010 at 9:55 PM, Alan DeKok al...@deployingradius.comwrote:
Peter Lambrechtsen wrote:
This is what I get back:
(gdb) run
Starting program: /usr/local/bin/sparcv9/pamtester jpam peter
authenticate
procfs:4337 -- process not stopped.
procfs: ...giving up...
(gdb) bt
Hello
I've managed to compile pam_radius-1.3.17 both 32Bit and 64Bit.
I had to add -lsocket as part of linking to get it to work and modified the
make file to have -m64 to compile on 64bit
When I compile it for 64Bit this is my make output:
gcc -Wall -fPIC -m64 -c pam_radius_auth.c -o
the
users file, and kill -HUP radiusd.
I hope someone finds this useful. And that it gets turned into a Wiki
Entry.
Cheers
Peter Lambrechtsen
plambrechtsen at gmail dot com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Mon, Sep 20, 2010 at 6:46 AM, Sander van Loosbroek
san...@vanloosbroek.com wrote:
Hello,
I have successfully set up Freeradius that comes with Mac OS X Server 10.6
to authenticate WebVPN users on a Cisco IOS router. Now I'm trying to parse
the webvpn:user-vpn-group attribute to the Cisco
Looks like you need to recompile openldap as symbol is missing from the
shared library.
Then recompile freeradius against that newer version of openldap
On Tue, Aug 31, 2010 at 6:52 PM, Fernando Calvelo Vazquez
fernando.calv...@esrf.fr wrote:
Hi guys:
I'm trying to activate ldap
On Thu, Aug 19, 2010 at 6:38 PM, rrperez rrpe...@apc.edu.ph wrote:
Thanks for the quick response Stefan.
Regarding with practicality issues, its not a problem. I want to try all
the
possibility for me to be able to make this work.
Due to that, PEAP and Notes *will not work*. You could
On Thu, Aug 19, 2010 at 7:42 PM, rrperez rrpe...@apc.edu.ph wrote:
Thanks for the quick response Peter,
It means that your clients will send the password to the radius server in
cleartext rather than PEAP encrypting them. There isn't any way to
authenticate against your Notes box with
On Thu, Aug 19, 2010 at 2:51 PM, rrperez rrpe...@apc.edu.ph wrote:
Thanks for the response Alan and Stefan, I also figure out it now that it
is
somewhat impossible.
I might test my last theoretical solution, that is to make LDAP as the
primary directory and also I'll keep on searching the
10, 2010 at 10:18 AM, Peter Lambrechtsen
plambrecht...@gmail.com wrote:
On Mon, Aug 9, 2010 at 6:31 PM, Alan DeKok al...@deployingradius.comwrote:
Peter Lambrechtsen wrote:
Using FreeRadius 2.1.7 and trying to get the postauth_users to return an
access reject however it always seems
On Wed, Aug 11, 2010 at 12:40 PM, Alan DeKok al...@deployingradius.comwrote:
Peter Lambrechtsen wrote:
I have figured out where my mistake was. I needed to have the users
file being used in the authorize section, but I shouldn't have had
Auth-Type := Accept at the end of each line
On Mon, Aug 9, 2010 at 6:31 PM, Alan DeKok al...@deployingradius.comwrote:
Peter Lambrechtsen wrote:
Using FreeRadius 2.1.7 and trying to get the postauth_users to return an
access reject however it always seems to return either a noop or ok.
..
And this is what is in my postauth_users
Using FreeRadius 2.1.7 and trying to get the postauth_users to return an
access reject however it always seems to return either a noop or ok.
This is what I get in my radiusd -X trace:
[files] postauth_users: Matched entry DEFAULT at line 30
++[files] returns ok
Sending Access-Accept of id 53 to
-Message = Reject
On Mon, Aug 9, 2010 at 3:36 PM, Peter Lambrechtsen
plambrecht...@gmail.comwrote:
Using FreeRadius 2.1.7 and trying to get the postauth_users to return an
access reject however it always seems to return either a noop or ok.
This is what I get in my radiusd -X trace:
[files
This is how I have done it:
http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg1.html
Works a treat for me.
On Wed, Aug 4, 2010 at 11:27 AM, Cory Johnson cjohn...@commspeed.netwrote:
Greetings,
I am running FreeRADIUS 2.1.8 on Ubuntu 8.04, attempting to use the
Why not setup your NAS to use PAP, instead of MS-CHAP.
If you use MS-CHAP you will need to have NT Hash'es in your LDAP directory.
It would be far easier to have PAP authentication enabled on your NAS, then
it should work fine.
On Tue, Jul 6, 2010 at 3:59 AM, Daniel Gomes dgo...@ipfn.ist.utl.pt
This is how I did it.
Works well for me.
http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg1.html
On Fri, May 21, 2010 at 5:26 PM, John Dennis jden...@redhat.com wrote:
On 05/20/2010 05:44 PM, John Maher wrote:
I really didn't want to post here, but I just
This may help you.
http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg1.html
Using the Postauth_users restricting it via a ldap group should work.
On Tue, Apr 27, 2010 at 11:50 AM, Gary Gatten ggat...@waddell.com wrote:
Hello all,
I currently have FR v2.1.6
The best way is to follow what I suggested in this post.
http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg1.html
We authenticate a group of 5620's and 7210's in our environment too using
that exact same method.
Now that the Timetra (now Lucent) Dictionary is in
On Sat, Mar 27, 2010 at 3:00 AM, Doug Warner d...@warner.fm wrote:
I'm trying to setup freeradius to authenticate users via LDAP but pull
group
information via MySQL. I currently only need radius for authentication to
network devices (switches, PDUs, etc) but want to make sure I set it up so
On Tue, Mar 23, 2010 at 7:06 AM, Mike Loosbrock mloos...@bnet.bethel.eduwrote:
Excerpts from Alan DeKok's message of Mon Mar 22 11:48:40 -0500 2010:
Mike Loosbrock wrote:
I thought about getting the user's groups by fetching the multi-
valued 'memberOf' attribute from AD and then
On Fri, Mar 12, 2010 at 10:26 PM, omega bk omeg...@gmail.com wrote:
thank u both, i folowed your advices.
i changed the basedn to *basedn = dc=example,dc=com*
i can* successfully* perform a * ldapsearch -x -b dc=example,dc=com
uid=bernard*
I beg to differ, you can successfully connect to
On Sat, Mar 6, 2010 at 5:42 AM, John Dennis jden...@redhat.com wrote:
On 03/05/2010 11:31 AM, Siryx XL wrote:
Hi everyone.
I'm using FreeRADIUS Version 2.1.1, I use it to control the access to a
routers networks.
I want to permit certain users to get access to some routers and deny
On Thu, Mar 4, 2010 at 1:29 PM, R C rc_w...@yahoo.com wrote:
Hi,
I ran eapol_test with reauthentication = 100. It went through fine. Thanks
for that.
1. But, since these reauthentications are serial and not parallel,
and even if i run 5-6 eapol_test processes at the same time, there will
Jethro
The eaist way is as per what I e-mailed to you.
http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg1.html
This means you only need to create groups in your LDAP directory. It also
means you don't need to extend the LDAP Schema to do this.
And use the
Search and you shall recieve
http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg1.html
That's how I it, and until anyone finds a better way...
On Thu, Feb 25, 2010 at 11:11 PM, Stephon Chen step...@gmail.com wrote:
Hello all
I want to run only one radiusd (no
On Thu, Feb 18, 2010 at 11:47 AM, Nick Owen owen.n...@gmail.com wrote:
On Wed, Feb 17, 2010 at 3:24 PM, John L. Singleton jsing...@gmail.comwrote:
Hi All,
I am trying to set up a centralized SSH authentication server that allows
authentication via public keys. I can't find anything on the
This is how I did it using LDAP.
http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg1.html
I would recommend using LDAP over MySQL, as normally you would have a
Corporate LDAP directory (Active Directory, or eDirectory or similar) and
managing access to your Radius
On 31/01/2010, at 11:59 AM, Mike Diggins mike.digg...@mcmaster.ca
wrote:
I was able to get freeradius 2.1.3 and wireless WPA working, likely
due to the fact that FreeRadius was mostly configured for me
(thanks ;) ). I’m a little confused about the certificate that is re
quired in the
You will need to setup two (or more) LDAP directory configs in the
modules/ldap config.
AD's LDAP interface isn't able to query inter-domain. So you need to setup
a LDAP connection per unique domain.
http://wiki.freeradius.org/Rlm_ldap
On Mon, Nov 16, 2009 at 9:42 PM, John
Hello
It took me some time to track down this dictionary so I thought for
completeness that it may want to get included into the freeradius dictionary
directory.
It's a carrier grade product so not all that common, but it may help someone
else having this included.
Many thanks
Peter
On Tue, Nov 3, 2009 at 12:42 PM, Larry Ross lfr...@ucdavis.edu wrote:
Hello All;
I am trying to add a new vendor to the dictionary directory. I created the
file in /usr/local/share/freeradius/dictionary.procera contents below. The
vendor in question provided their Vendor ID
Did you also
I have configured FR 2.1.7 successfully and just wanted to confirm this is
the best way to achieve what I am wanting to do.
I have large number nas elements scattered throughout the network that we
are trying to centralise on a pair of redundant FR servers. The
authentication will be based on
You're password needs to be readable in cleartext by FR for anything other
than PAP to work.
That way FR can hash/encrypt the password out of LDAP on the server side and
compare against the hash it gets passed from the client.
On Sun, Oct 4, 2009 at 6:07 PM, Ryaz Khan rk...@ezesolve.com wrote:
On 9/09/2009, at 2:43 AM, Alan DeKok al...@deployingradius.com wrote:
Michael Fischer wrote:
I'm trying to set up 802.1x authentication on my Enterasys
AccessPoints
using freeradius and eDirectory.
Freeradius and eDirectory work like a charm when I use it for Cisco-
VPN
authentication.
I am trying to have a granular based reply items depending on the NAS they
connected to all driven using attributes in LDAP without needing to use
realms.
IE User A passes just UserPassword to NAS A. and gets reply attr
Service-Type=admin, and the admin comes from an LDAP Attribute nasA
attribute
On 28/08/2009, at 10:38 PM, Ivan Kalik t...@kalik.net wrote:
I am trying to have a granular based reply items depending on the
NAS they
connected to all driven using attributes in LDAP without needing to
use
realms.
IE User A passes just UserPassword to NAS A. and gets reply attr
On Fri, Aug 28, 2009 at 10:38 PM, Ivan Kalik t...@kalik.net wrote:
I am trying to have a granular based reply items depending on the NAS
they
connected to all driven using attributes in LDAP without needing to use
realms.
IE User A passes just UserPassword to NAS A. and gets reply attr
On Sat, Aug 29, 2009 at 7:11 AM, Peter Lambrechtsen plambrecht...@gmail.com
wrote:
On Fri, Aug 28, 2009 at 10:38 PM, Ivan Kalik t...@kalik.net wrote:
I am trying to have a granular based reply items depending on the NAS
they
connected to all driven using attributes in LDAP without needing
Have checked out Penrose from Safehaus.
Otherwise if you don't want a FOSS solution then Novell IDM is the most
complete end-to-end IDM solution on the market IMHO.
On Mon, Aug 10, 2009 at 12:05 AM, Andres Kaaber andres.kaa...@gmail.comwrote:
Hello all
I'm assigned with a project to make a
On 7/06/2009, at 5:14 AM, Alan DeKok al...@deployingradius.com wrote:
John Dennis wrote:
The primary reason to upgrade is the vastly superior features in
the 2.x
versions, plus 2.x resolves some issues which were present in the 1.x
series. These things will *not* be backported into 1.1.3, it
You will need to have all your users in one tree so I suggest you use
idm to sync all your users from both trees into a third auth tree.
Then you can point your login to the basedn and search the subtree for
the users.
On 30/05/2009, at 12:58 AM, Magnus Larsson magnus.lars...@addpro.se
Has anyone done any work with FreeRadius 2.1.1 or higher and SQLite as
the backend db.
Working on a single router solution with OpenWRT with FreeRadius
running PEAP and EAP-TLS auth.
Would love to have it working with sqlite as that is the smallest DB
footprint of all the supported databases for
On 20/05/2009, at 12:00 AM, Alan DeKok al...@deployingradius.com
wrote:
Peter Lambrechtsen wrote:
Has anyone done any work with FreeRadius 2.1.1 or higher and SQLite
as
the backend db.
Nope.
Would love to have it working with sqlite as that is the smallest DB
footprint of all
89 matches
Mail list logo