Re: [RADIATOR] "IgnoreIfMissing" required?

Sat, 19 Jan 2019 17:31:23 -0800 

Hi Christian -

You can use multiple entries like this (which is what Radiator actually does):


DEFAULT User-Name = /…../
        …..

DEFAULT1 User-Name = /…../
        …..

DEFAULT2 User-Name = /…../
        ……

regards

Hugh


this users file


DEFAULT User-Name = /hugh/
        Reply-Message = DEFAULT

DEFAULT1 User-Name = /christian/
        Reply-Message = DEFAULT1


gives this


TiTi:Radiator-4.22 hugh$ perl radpwtst -user hugh -noacct

sending Access-Request
Sun Jan 20 12:25:46 2019: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 51846 ....
Code:       Access-Request
Identifier: 128
Authentic:  <140><155>?c<169><233><232><186>)O<187><209>x<198>O;
Attributes:
        User-Name = "hugh"
        Service-Type = Framed-User
        NAS-IP-Address = 203.63.154.1
        NAS-Identifier = "203.63.154.1"
        NAS-Port = 1234
        Called-Station-Id = "123456789"
        Calling-Station-Id = "987654321"
        NAS-Port-Type = Async
        User-Password = 
<249><192><157><15>A?<208><174><205><136>K<22>[<243><173>J

Sun Jan 20 12:25:46 2019: DEBUG: Handling request with Handler '', Identifier ''
Sun Jan 20 12:25:46 2019: DEBUG: SessINTERNAL: Deleting session for hugh, 
203.63.154.1, 1234
Sun Jan 20 12:25:46 2019: DEBUG: Handling with Radius::AuthFILE: 
Sun Jan 20 12:25:46 2019: DEBUG: Radius::AuthFILE looks for match with hugh 
[hugh]
Sun Jan 20 12:25:46 2019: DEBUG: Radius::AuthFILE REJECT: No such user: hugh 
[hugh]
Sun Jan 20 12:25:46 2019: DEBUG: Radius::AuthFILE looks for match with DEFAULT 
[hugh]
Sun Jan 20 12:25:46 2019: DEBUG: Radius::AuthFILE ACCEPT: : DEFAULT [hugh]
Sun Jan 20 12:25:46 2019: DEBUG: AuthBy FILE result: ACCEPT, 
Sun Jan 20 12:25:46 2019: DEBUG: Access accepted for hugh
Sun Jan 20 12:25:46 2019: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 51846 ....
Code:       Access-Accept
Identifier: 128
Authentic:  <23>:P<234>r_UQ<27>_<248><162><138><132>e<151>
Attributes:
        Reply-Message = "DEFAULT"

OK

TiTi:Radiator-4.22 hugh$ perl radpwtst -user christian -noacct

sending Access-Request
Sun Jan 20 12:26:01 2019: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 50283 ....
Code:       Access-Request
Identifier: 198
Authentic:  <217><14> &<250>CJ<225><150>l<190><255>X>)_
Attributes:
        User-Name = "christian"
        Service-Type = Framed-User
        NAS-IP-Address = 203.63.154.1
        NAS-Identifier = "203.63.154.1"
        NAS-Port = 1234
        Called-Station-Id = "123456789"
        Calling-Station-Id = "987654321"
        NAS-Port-Type = Async
        User-Password = 4<14><171><244>>+<239><24>p<208><211><23>jl6<16>

Sun Jan 20 12:26:01 2019: DEBUG: Handling request with Handler '', Identifier ''
Sun Jan 20 12:26:01 2019: DEBUG: SessINTERNAL: Deleting session for christian, 
203.63.154.1, 1234
Sun Jan 20 12:26:01 2019: DEBUG: Handling with Radius::AuthFILE: 
Sun Jan 20 12:26:01 2019: DEBUG: Radius::AuthFILE looks for match with 
christian [christian]
Sun Jan 20 12:26:01 2019: DEBUG: Radius::AuthFILE REJECT: No such user: 
christian [christian]
Sun Jan 20 12:26:01 2019: DEBUG: Radius::AuthFILE looks for match with DEFAULT 
[christian]
Sun Jan 20 12:26:01 2019: DEBUG: Radius::AuthFILE REJECT: Check item User-Name 
expression '/hugh/' does not match 'christian' in request: DEFAULT [christian]
Sun Jan 20 12:26:01 2019: DEBUG: Radius::AuthFILE looks for match with DEFAULT1 
[christian]
Sun Jan 20 12:26:01 2019: DEBUG: Radius::AuthFILE ACCEPT: : DEFAULT1 [christian]
Sun Jan 20 12:26:01 2019: DEBUG: AuthBy FILE result: ACCEPT, 
Sun Jan 20 12:26:01 2019: DEBUG: Access accepted for christian
Sun Jan 20 12:26:01 2019: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 50283 ....
Code:       Access-Accept
Identifier: 198
Authentic:  D<146>.<209> <193><134>}n<165> <16><22><137>n<186>
Attributes:
        Reply-Message = "DEFAULT1"

OK


> On 20 Jan 2019, at 10:24, Christian Meutes <[email protected]> wrote:
> 
> Hi Hugh.
> 
> On Sat, Jan 19, 2019 at 10:52 PM Hugh Irvine <[email protected]> wrote:
>> Well, you can have multiple DEFAULT entries like this:
>> 
>> 
>> DEFAULT User-Name = /something/
>>        ……
>> 
>> DEFAULT User-Name = /whatever/
>>        …..
>> 
>> and so on.
>> 
>> Does that work for you?
> 
> the RADMIN 'RADUSERS'-table has an index on the 'USERNAME'-column
> which has the unique constraint. Creating multiple users with
> 'DEFAULT' as username doesn't work there. :-(
> 
> Thanks
> -- 
> Christian


--

Hugh Irvine
[email protected]

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc. 
Full source on Unix, Linux, Windows, macOS, Solaris, VMS, NetWare etc.

_______________________________________________
radiator mailing list
[email protected]
https://lists.open.com.au/mailman/listinfo/radiator

Reply via email to