Hello freeradius-users,
I have installed freeradius-0.7.1 on my FreeBSD 4.6.2 and set it
to authorize users via ldap and send accounting information to
mysql. Everything works fine, but radwho doesn't show who is
logged in.
zeus# ps ax | grep radpppd
8371 p1 R+ 0:00,00 grep radpppd
8230 a2 Is+ 0:00,04 radpppd auth refuse-chap require-pap radius debug
8360 a7 Is+ 0:00,03 radpppd auth refuse-chap require-pap radius debug
zeus# radwho
And radlast shows me nothing but garbage (last shows the same):
zeus# radlast -f /var/log/radius/radutmp
?+?P ?? 1 ??? 03:00 still logged
in
>!A?+?P 84023757 ?? 1 ??? 03:00 still logged in
maa81 ?? 1 ??? 03:00 still logged in
???= ?+?P ?? 1 ??? 03:00 still logged in
A ?? 23 ??? 02:40 - 03:00 (00:19)
31405231>!A?+?
P ?? 1 ??? 03:01 still logged in
?+?P 1746>!A ?? 1 ??? 03:00 still logged in
1 ?? 25 ??? 23:44 still logged in
1163>!A?+?P 1(?= ?? 1 ??? 03:00 still logged in
P >!A?+? A ?? 1 ??? 03:00 still logged in
wtmp begins ???????????, 12 ?????? 1998 ?. 07:08:40 (MSD)
Config:
# Global server settings from the poster's radiusd.conf.
# Installation paths; later values are built from these via ${...} references.
prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = ${prefix}/etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
# Resolves to /var/log/radius, the directory the radlast command above reads from;
# the radutmp, sradutmp and wtmp files configured under modules live here too.
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct
confdir = ${raddbdir}
run_dir = ${localstatedir}/run
libdir = ${exec_prefix}/lib
pidfile = ${run_dir}/radiusd.pid
# Request handling limits.
max_request_time = 30
delete_blocked_requests = no
cleanup_delay = 5
max_requests = 1024
# '*' is a wildcard listen address.
# NOTE(review): presumably all local interfaces; on a multi-homed host consider
# binding only to the address the NAS devices reach.
bind_address = *
# NOTE(review): 0 presumably means "take the port from /etc/services"; confirm.
port = 0
hostname_lookups = no
allow_core_dumps = no
regular_expressions = yes
extended_expressions = yes
log_stripped_names = no
# Authentication logging: attempts are logged, and the supplied password is
# written to the log for failed attempts but not for successful ones.
# NOTE(review): passwords from failed attempts are often near-misses of real
# ones, so the log file should be readable by the radius user only.
log_auth = yes
log_auth_badpass = yes
log_auth_goodpass = no
usercollide = yes
# Case and whitespace normalisation of the user name and password.
lower_user = before
lower_pass = no
lower_time = before
nospace_user = no
nospace_pass = no
# External helper; its path resolves to /usr/local/sbin/checkrad.
checkrad = ${sbindir}/checkrad
# Limits applied to incoming requests and to rejected logins.
security {
# Upper bound on the number of attributes accepted in one request.
max_attributes = 200
# Delay before a reject is sent, which slows repeated password guessing.
# NOTE(review): unit is presumably seconds; confirm.
reject_delay = 1
}
# Proxying is switched off; proxy.conf is still included.
proxy_requests = no
$INCLUDE ${confdir}/proxy.conf
# clients.conf is not shown in the post.
# NOTE(review): it presumably holds the NAS shared secrets, so it should not be
# world-readable; confirm.
$INCLUDE ${confdir}/clients.conf
$INCLUDE ${confdir}/snmp.conf
# Worker pool sizing: 5 workers at start, at most 32, with 3 to 10 kept spare.
thread pool {
start_servers = 5
max_servers = 32
min_spare_servers = 3
max_spare_servers = 10
# NOTE(review): 0 presumably means a worker is never recycled; confirm.
max_requests_per_server = 0
}
# Module instances. The sections after this block reference only preprocess,
# ldap, suffix, files, detail, unix, radutmp, sradutmp and sql; the other
# instances here are configured but not referenced in the post.
modules {
# PAM authentication; pam_auth is the PAM service name.
pam {
pam_auth = radiusd
}
# System passwd/group lookups and the wtmp-style login record.
unix {
cache = no
cache_reload = 600
passwd = /etc/passwd
group = /etc/group
# wtmp-style file, resolving to /var/log/radius/wtmp.
# NOTE(review): last(1)-style tools such as radlast expect this format rather
# than the radutmp file, which would explain the unreadable radlast output
# shown above; confirm.
radwtmp = ${logdir}/wtmp
}
eap {
md5 {
}
}
mschap {
authtype = MS-CHAP
}
# LDAP directory used for both authorization and authentication.
ldap {
server = "my.domain.com"
# Service account the module binds as; its password is redacted in the post.
# The real radiusd.conf therefore contains a clear-text directory credential
# and should be readable by the radius user only.
identity = "cn=dial,o=Org,c=RU"
password = xxx
basedn = "ou=users,o=Org,c=RU"
# %u is replaced with the user name from the request.
# NOTE(review): confirm this version escapes LDAP filter metacharacters in it.
filter = "(uid=%u)"
# StartTLS is not requested. Unless the link to the LDAP server is protected
# some other way, the bind password above and the users' passwords cross the
# network in clear text.
start_tls = no
default_profile = "cn=radprofile,o=Start,c=RU"
# Group and attribute used to decide whether a user may dial in.
access_group = "cn=dialup-group,o=Start,c=RU"
access_attr = "dialupAccess"
dictionary_mapping = ${raddbdir}/ldap.attrmap
ldap_connections_number = 5
# NOTE(review): the three timeouts are presumably in seconds; confirm.
timeout = 4
timelimit = 3
net_timeout = 1
}
# Three instances of the realm module, one per user-name syntax.
realm suffix {
format = suffix
delimiter = "@"
}
realm realmslash {
format = prefix
delimiter = "/"
}
realm realmpercent {
format = suffix
delimiter = "%"
}
# Request clean-up before authorization; all vendor workarounds are disabled.
preprocess {
huntgroups = ${confdir}/huntgroups
hints = ${confdir}/hints
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
}
# Flat-file user databases.
files {
usersfile = ${confdir}/users
acctusersfile = ${confdir}/acct_users
compat = no
}
fastusers {
usersfile = ${confdir}/users_fast
hashsize = 1000
compat = no
hash_reload = 600
}
# Per-client accounting detail files, created owner-read/write only (0600).
detail {
detailfile = ${radacctdir}/%{Client-IP-Address}/detail
detailperm = 0600
}
# NOTE(review): the key value below is split across two lines, presumably by the
# mail client; in the real file it is presumably one line. Confirm.
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address,
NAS-Port-Id"
}
# SQL (MySQL, per the post) settings live in sql.conf, which is not shown.
# NOTE(review): it presumably holds the database password; restrict its
# permissions as for this file.
$INCLUDE ${confdir}/sql.conf
# Session database, resolving to /var/log/radius/radutmp: owner-only
# permissions, caller ID recorded.
# NOTE(review): radwho reads a radutmp file; confirm the path it was built with
# matches this filename.
radutmp {
filename = ${logdir}/radutmp
perm = 0600
callerid = "yes"
}
# Second radutmp instance: world-readable (0644), with caller ID left out so
# that local users who can read the file do not see it.
radutmp sradutmp {
filename = ${logdir}/sradutmp
perm = 0644
callerid = "no"
}
attr_filter {
attrsfile = ${confdir}/attrs
}
# Daily usage counter: sums Acct-Session-Time per User-Name and compares it
# with Max-Daily-Session.
counter {
filename = ${raddbdir}/db.counter
key = User-Name
count-attribute = Acct-Session-Time
reset = daily
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
allowed-servicetype = Framed-User
cache-size = 5000
}
# Fixed-result instances of the always module.
always fail {
rcode = fail
}
always reject {
rcode = reject
}
always ok {
rcode = ok
simulcount = 0
mpp = no
}
}
# Authorization: clean up the request, then look the user up in LDAP.
# The files module is not listed here, so the users file is not consulted at
# this stage.
authorize {
preprocess
ldap
}
# Authentication: LDAP is the only method configured.
# The ldap module has start_tls = no, so the user's password is presented to
# the LDAP server without StartTLS.
authenticate {
authtype LDAP {
ldap
}
}
# Pre-accounting: request clean-up, "@" realm handling, then acct_users lookups.
preacct {
preprocess
suffix
files
}
# Accounting: each record is passed to every module listed here.
# detail writes the per-client detail file, unix the wtmp-style file, radutmp
# and sradutmp the two session files, and sql the database.
accounting {
detail
unix
radutmp
sradutmp
sql
}
# Session checking uses both the radutmp file and the SQL database.
# NOTE(review): presumably used for simultaneous-use limits; confirm.
session {
radutmp
sql
}
--
Best regards,
Alexander mailto:[EMAIL PROTECTED]