Hi Ryan,

On Apr 26, 11:53am, ryanm wrote:
> Subject: (RADIATOR) Problems
> Hello fellow Radiator Users,
>
> I am trying to get radiator to do some complex fall-through
> statements. This is what
> I am trying to achieve. I want to setup my users databsae to
> check for 2 realms
> realm1.org and commnet.realm1.org. If it finds a
> [EMAIL PROTECTED] I want it to set
> the timelimit to 2 hours and allow logins 24/7. If it finds
> commnet.realm1.org afte
> username@ I want to restrict these user's to Monday-Friday
> from 12 p.m. till 12 a.m.
No problem, radiator can prevent logins over specified time bands (but it wont
automatically set up a session timeout so they cant stay on after the end of
the time band).

> and force session limits of 10 minutes on them and no more
> than 5 logins per day.
Radiator on its own has no way of implementing max number of sessions per day.
You would need to work with an SQL database and AuthBy SQL to do this.

> After reading through the various documentation I came up
> with
>
> DEFAULT Service-Type = Full
>       MaxSessions = 1
>       Idle-Timeout = 900
>       SessionTimeout = 7200
>
> DEFAULT Service-Type = Restricted
>       MaxSessions = 1
>       IdleTimeout = 600
>       SessionTimeout = 900
>
> full    User-Password = "test",Service-Type = Full
>         Framed-Protocol = PPP,
>         Framed-IP-Netmask = 255.255.255.0,
>         Framed-Routing = None,
>         Framed-MTU = 1500,
>         Framed-Compression = Van-Jacobson-TCP-IP
>
> rest    User-Password = "test",Service-Type = Restricted
>         Framed-Protocol = PPP,
>         Framed-IP-Netmask = 255.255.255.0,
>         Framed-Routing = None,
>         Framed-MTU = 1500,
>         Framed-Compression = Van-Jacobson-TCP-IP
>
> realm.org Service-Type = Full
>       MaxSessions = 1
>       Idle-Timeout = 900
>         SessionTimeout = 7200
>
> commnet.realm.org Service-Type = Restricted, Time =
> "MoTuWeThFr0000-1200"
>       MaxSessions = 1
>       IdleTimeout = 600
>       SessionTimeout = 900
>
> If anyone can provide me with any hints/suggestions fixes I
> would appreciate it after
> spending hour after hour reading doc's and trying things It
> just does not seem to work
> correctly or how I want it to.

Is the set of users the same in the 2 realms?

I would probably do it like this:
Set up 2 Realms, each with a single DEFAULT user that cascades through to a
common set of users. Then the auth method for the common set of users can be
whatever you like (I have user FILE in this example)


# This one does timelimit to 2 hours and allow logins 24/7
# sim-use of 1
<Realm realm1.org>
       <AuthBy FILE>
               Filename %D/full-profile
        </AuthBy>
</Realm>

# This one restricts logins to Monday-Friday from 12 p.m. till 12 a.m
# 10 minutes, sim-use of 1
<Realm commnet.realm.org>
        <AuthBy FILE>
               Filename %D/restricted-profile
        </AuthBy>
</Realm>

# This authenticates all the common users
<AuthBy FILE>
        Identifier CommonUsers
        Filename %D/common-users
</AuthBy>

In full-profile:

# This sets up timelimit to 2 hours and allow logins 24/7
# sim-use of 1 for full-service customer
# Their password will be authenticated in common-users
DEFAULT Simultaneous-Use=1,Auth-Type=CommonUsers
        Session-Timeout=7200,
        Idle-Timeout = 900,
        Framed-Protocol = PPP,
        Framed-IP-Netmask = 255.255.255.0,
        Framed-Routing = None,
        Framed-MTU = 1500,
        Framed-Compression = Van-Jacobson-TCP-IP


In restricted-profile:
# This one restricts logins to Monday-Friday from 12 p.m. till 12 a.m
# 10 minutes, sim-use of 1
# Their password will be authenticated in common-users
DEFAULT Simultaneous-Use=1,Time=Wk0000-12000,Auth-Type=CommonUsers
        Session-Timeout=900,
        Idle-Timeout = 600,
        Framed-Protocol = PPP,
        Framed-IP-Netmask = 255.255.255.0,
        Framed-Routing = None,
        Framed-MTU = 1500,
        Framed-Compression = Van-Jacobson-TCP-IP


And in common-users, just the password for each user:

fred    Password=fred
jim     Password=secret

etc

> Also does anyone know why
> there is not a logfile created
> contiuosly?? For some reason only errors are getting send to
> my logfile.
There was a problem with the logfile writing in 2.13.1. There is a fix
available, please see
http://www.open.com.au/radiator/downloads/patches-2.13.1/README
for details.


Hope that helps.


-- 
Mike McCauley                               [EMAIL PROTECTED]
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, external, etc etc on Unix, Win95/8, NT, Rhapsody
===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to