Hello Toni -
At 15:42 +0200 9/12/00, Toni Riekkinen wrote:
>Authlog problem:
>================
>
>I'd like to see the password what user tries to log on with and currently I
>dont get it.
>Not with <AuthLog FILE> or with PasswordLogFileName:
>
>With <AuthLog FILE> I get:
> Sat Dec 9 15:20:56 2000:testi3::FAIL
>
>And into passwordlog with PasswordLogFileName:
> Sat Dec 9 15:20:56 2000:976368056:testi3:UNKNOWN-CHAP:rightpw:FAIL
> Sat Dec 9 15:20:56 2000:976368056:testi3:UNKNOWN-CHAP:rightpw:FAIL
>
>I guess this is problem with NAS, but what? Authentication works just fine
>so NAS does send passwords to radius... But why I can't see those, why it is
>"UNKNOWN-CHAP"?
You will never be able to see the password, because the NAS is
configured to use CHAP authentication (which only sends an encryption
that Radiator compares against the same encryption of the plaintext
password in your user database). You will have to change the NAS to
PAP to alter this behaviour.
>
>radpwtst problem:
>=================
>
>I'm using radpwtst in crontab running it every minute to check if
>authentication from our Oracle -database works. The problem with this is,
>that I get huge amount of accounting logs into our database for this user
>radpwtst uses...
>
>Now, how do I disable only one user's accounting information (like
>ExcludeFromPasswordLog does) going to database? Must I create extra <Realm
>foobar> just because of this, where is same <AuthBy SQL> refering into same
>database, but empty AccountingTable, or something? How do I do this? I'm
>using only <Realm DEFAULT> currently. I run this radpwtst in localhost.
>
The best way to do this is with Handlers:
# configuration with Handlers and multiple AuthBy SQL clauses
# AuthBy SQL to do accounting only
# (note empty AuthSelect)
<AuthBy SQL>
Identifier SQLAcctOnly
DBSource ....
DBUsername ....
DBAuth ....
AuthSelect
AccountingTable .....
AcctColumnDef ....
....
</AuthBy>
# AuthBy SQL to do authentication only
# (note empty AccountingTable)
<AuthBy SQL>
Identifier SQLAuthOnly
DBSource ....
DBUsername ....
DBAuth ....
AuthSelect ....
AuthColumnDef ....
....
AccountingTable
</AuthBy>
<Handler User-Name = testi>
AuthBy SQLAuthOnly
</Handler>
<Handler Request-Type = Accounting-Request>
AuthBy SQLAcctOnly
</Handler>
<Handler>
AuthByPolicy ContinueUntilAccept
AuthBy ....
AuthBy SQLAuthOnly
AuthBy ....
....
</Handler>
If you have any questions please ask.
regards
Hugh
--
NB: I am travelling this week, so there may be delays in our correspondence.
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
