Well I seem to be
having a problem with maxsessions again. I have implement rewriteusername so
that it is lower case. I am still having the same problem. It appears that if
they logon with a username in caps radiator sees it as a different user than in
lower case. Here is my running config.
Foreground
#LogStdout
LogDir c:\radiator\logs
LogFile %L/%m-%d-%Y-logfile.txt
DbDir c:\radiator
DictionaryFile c:\radiator\dictionary.usr
Trace 3
#LogStdout
LogDir c:\radiator\logs
LogFile %L/%m-%d-%Y-logfile.txt
DbDir c:\radiator
DictionaryFile c:\radiator\dictionary.usr
Trace 3
<Client
209.165.173.7>
Secret xxxxxxxxx
Secret xxxxxxxxx
DupInterval
0
DefaultRealm otz.net
</Client>
DefaultRealm otz.net
</Client>
<Realm otz.net>
RewriteUsername s/^([^@]+).*/$1/
RewriteUsername tr/A-Z/a-z/
AcctLogFileName %L/%m-%d-%Y-detail.txt
PasswordLogFileName %L/%m-%d-%Y-passlog.txt
MaxSessions 1
<AuthBy GROUP>
AuthByPolicy ContinueUntilAccept
AuthByPolicy ContinueUntilAccept
<AuthBy FILE>
# File Authorization for Static users
Filename c:\radiator\stat_users
</AuthBy>
# File Authorization for Static users
Filename c:\radiator\stat_users
</AuthBy>
<AuthBy LDAP2>
# The LDAP host to connect to
# If not set, defaults to localhost
Host localhost
# The LDAP host to connect to
# If not set, defaults to localhost
Host localhost
# If not set, defaults to 389.
Use 636 for SSL.
# Can be a numeric port number or a service name
# from /etc/services
Port 389
# Specifies to use SSL to connect, and the name
# of your certificate database. The database
# must either be the cert5.db certificate database used
# by Netscape Navigator 3.x or the ServerCert.db
# certificate database used by
# Netscape 2.x servers.
# You will usually want Port 636 if you enable SSL
# You can use special filename characters
# Only available with Netscape SDK version of LDAPapi
#UseSSL ./cert5.db
# These specify how to connect to the directory
# as a privelged user
AuthDN cn=Directory Manager
AuthPassword xxxxxxxxx
# Can be a numeric port number or a service name
# from /etc/services
Port 389
# Specifies to use SSL to connect, and the name
# of your certificate database. The database
# must either be the cert5.db certificate database used
# by Netscape Navigator 3.x or the ServerCert.db
# certificate database used by
# Netscape 2.x servers.
# You will usually want Port 636 if you enable SSL
# You can use special filename characters
# Only available with Netscape SDK version of LDAPapi
#UseSSL ./cert5.db
# These specify how to connect to the directory
# as a privelged user
AuthDN cn=Directory Manager
AuthPassword xxxxxxxxx
# The base DN at which to start the
search
BaseDN o=otz.net
BaseDN o=otz.net
# The LDAP attribute to match against
User-Name
UsernameAttr uid
# The LDAP attribute that contains a plaintext password
# or a password in the format {crypt}1xMKc0GIVUNbE
# or {SHA}0DPiKuNIrrVmD8IUCuw1hQxNqZc=
PasswordAttr userPassword
UsernameAttr uid
# The LDAP attribute that contains a plaintext password
# or a password in the format {crypt}1xMKc0GIVUNbE
# or {SHA}0DPiKuNIrrVmD8IUCuw1hQxNqZc=
PasswordAttr userPassword
# Optional attribute that contains an
# encrypted password to use instead of PasswordAttr
# EncryptedPasswordAttr sn
# Optional LDAP attribute that contains check
# items for the user
# CheckAttr cn
# Optional LDAP attribute that contains reply
# items for the user
# ReplyAttr mail
</AuthBy>
</AuthBy>
</Realm>
# encrypted password to use instead of PasswordAttr
# EncryptedPasswordAttr sn
# Optional LDAP attribute that contains check
# items for the user
# CheckAttr cn
# Optional LDAP attribute that contains reply
# items for the user
# ReplyAttr mail
</AuthBy>
</AuthBy>
</Realm>
Gordon L. Foster
System Administrator
OTZ Telephone Cooperative, INC.
Ph.
907-442-3114
Fax 907-442-2123
