Hello Paul,
You would add these to you AuthBy RADMIN claause:
# The following is all on one line:
AuthSelect select PASS_WORD, STATICADDRESS, TIMELEFT, MAXLOGINS, IDLETIMEOUT
from RADUSERS where USERNAME='%n' and BADLOGINS < 5 and VALIDFROM < %t and
VALIDTO > %t
AuthColumnDef 4,Idle-Timeout,reply
Hope that helps.
Cheers.
On Dec 18, 9:28pm, Paul Black wrote:
> Subject: Re: (RADIATOR) MAX IDLE TIME
>
> Hi Mike,
>
> Attached is my radius.cfg file with secrets removed, could you let me know
> where to add in the AuthSelect and AuthColumDef lines.
>
> Regards. Paul
>
>
>
> Mike McCauley wrote:
> >
> > On Dec 15, 6:18am, Paul Black wrote:
> > > Subject: Re: (RADIATOR) MAX IDLE TIME
> > > My Tigris was using the Idle-Timeout attribute in the users file
correctly
> > > before I started using radmin. Could you please give me some more hints
on
> > how
> > > to set the Idle-Timeout attribute (from the database field) in the reply?
> >
> > If you have a database column IDLETIMEOUT that you want to use for
> > Idle-Timeout, you could have something like:
> >
> > AuthSelect select PASS_WORD, STATICADDRESS, TIMELEFT, MAXLOGINS,
IDLETIMEOUT
> > from RADUSERS where USERNAME='%n' and BADLOGINS < 5 and VALIDFROM < %t and
> > VALIDTO > %t
> >
> > AuthColumnDef 4,Idle-Timeout,reply
> >
> > Hope that helps.
>
> [ text/plain ] :
>
> # livingCompat.cfg
> #
> # This is a simple Radiator config file that allows you
> # to continue using a bog standard Livingston or
> # similar users file with Radiator, It implements the
> # Auth-Type="System" check item by using AuthBy UNIX
> #
> # You will probably want to change the definitions of
> # DbDir, LogDir and the Filename parameters
> #
> # Author: Mike McCauley ([EMAIL PROTECTED])
> # Copyright (C) 1997 Open System Consultants
> # $Id: livingCompat.cfg,v 1.3 1999/07/12 02:01:35 mikem Exp $
>
> #Foreground
> #LogStdout
> Trace 4
>
> DbDir /etc/raddb
> LogDir /var/log/radacct
> DictionaryFile /etc/raddb/dictionary
> RewriteUsername s/^.*\\|@.*$|^\s+|\s+$//g
>
> # This clause defines a single client to listen to
> # You will probably want to change localhost and mysecret
> # to suit your site.
> <Client iggy>
> Secret XXXX
> </Client>
> <Client dm1>
> Secret XXXX
> </Client>
> <Client pm1>
> Secret XXXX
> </Client>
>
> # This clause means we will handle any real that arrives
> <Realm DEFAULT>
> AuthByPolicy ContinueWhileReject
> <AuthBy RADMIN>
> # Change DBSource, DBUsername, DBAuth for your database
> # See the reference manual. You will also have to
> # change the one in <SessionDatabse SQL> below
> # so its the same
> DBSource dbi:mysql:radmin
> DBUsername radmin
> DBAuth XXXX
>
> # You can add to or change these if you want, but you
> # will probably want to change the databse schema first
> AccountingTable RADUSAGE
> AcctColumnDef USERNAME,User-Name
> AcctColumnDef TIME_STAMP,Timestamp,integer
> AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer
> AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
> AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
> AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
> AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
> AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> AcctColumnDef NASIDENTIFIER,NAS-Identifier
> AcctColumnDef NASIDENTIFIER,NAS-IP-Address
> AcctColumnDef NASPORT,NAS-Port,integer
> AcctColumnDef DNIS,Called-Station-Id
>
> #
> # This updates the time and octets left for this user
> #
>
> AcctSQLStatement update RADUSERS set
TIMELEFT=TIMELEFT-0%{Acct-Session-Time},
OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets},
OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n'
> #
> # #
> # # These are the classic things to add to each users
> # # reply to allow a PPP dialup session. It may be
> # # different for your NAS. This will add some
> # # reply items to everyone's reply
> # #
> #
> AddToReply Framed-Protocol = PPP,\
> Framed-IP-Netmask = 255.255.255.255,\
> Framed-Routing = None,\
> Framed-MTU = 1500,\
> Framed-Compression = Van-Jacobson-TCP-IP
> </AuthBy>
>
> <AuthBy FILE>
> Filename /etc/raddb/users
> </AuthBy>
> <AuthBy UNIX>
> Filename /etc/shadow
> </AuthBy>
> AcctLogFileName /var/log/radacct/dm1/detail
> </Realm>
>
> <SessionDatabase SQL>
> # This database spec usually should be exactly the same
> # as in <AuthBy RADMIN> above
> DBSource dbi:mysql:radmin
> DBUsername radmin
> DBAuth XXXX
>
> </SessionDatabase>
>
>
> # This clause defines an authorisation method that will be used
> # by any users in the database with Auth-Type="System". It will
> # match the "Identifier System"
> <AuthBy UNIX>
> Identifier System
> Filename /etc/shadow
> </AuthBy>
>
>
>-- End of excerpt from Paul Black
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
