Hi Users!
I have configured Radiator 2.17.1 with an OpenLDAP server; it is working fine and authenticating requests. I have used the AuthBy LDAP2 clause. The LDAP server uses a MySQL database as its backend. Then, in a separate configuration file, I configured an AuthBy SQL clause so that accounting logs are stored in the MySQL database; I configured it too and it works successfully with db authentication. Now I want to combine both of these clauses so that I can perform authentication through the LDAP server and log accounting details into the database. When I combined both the AuthBy clauses with an AuthBy Group clause using 'AuthByPolicy ContinuewhileAccept', both the LDAP and SQL clauses perform authentication and then accounting ... When I set 'IgnoreAuthentication' in the AuthBy SQL clause, the Radiator server says ... 'Unknown key word IgnoreAuthentication'. What should I do to obtain this functionality ... can anybody please help me?

#############################################################
# ldap.cfg
#
# Example Radiator configuration file for authenticating from
# a local LDAP server
#
# This very simple file will allow you to get started with
# a simple LDAP authentication system.
#
# We suggest you start simple, prove to yourself that it
# works and then develop a more complicated configuration.
#
# In this example, there is a local LDAP database
# The LDAP database administrator has a common name of:
# cn = Directory Manager
# and a password from dmpasswd
# The LDAP server in this example manages a Base DN of:
# o=Open System Consultants, c=AU
# In the database, there is an entry for each user. Their username
# is in the LDAP attribute called "uid", and there is a plaintext
# password in the LDAP attribute called userPassword
#
# So, the example will work with the sample databases supplied with
# UMich and Netscape LDAP servers.
#
# See radius.cfg for more complete examples of features and
# syntax, and refer to the reference manual for a complete description
# You should consider this file to be a starting point only
# $Id: ldap.cfg,v 1.2 2000/02/15 07:07:54 mikem Exp $

Foreground
LogStdout
LogDir .
DbDir .
Trace 4

# You will probably want to change this to suit your site.
<Client DEFAULT>
    Secret mysecret
    DupInterval 0
</Client>

<Realm DEFAULT>
    <AuthBy GROUP>
        AuthByPolicy ContinuewhileAccept

        <AuthBy LDAP2>
            # Tell Radiator how to talk to the LDAP server
            Host localhost

            # You will only need these if your LDAP server
            # requires authentication:
            #AuthPassword fred

            # This is the top of the search tree where users
            # will be found. It should match the configuration
            # of your server
            BaseDN o=sql , c=RU

            # This is the attribute to match the radius user name
            UsernameAttr uid

            # If you don't specify ServerChecksPassword, you
            # need to tell Radiator which attribute contains
            # the password. It can be plaintext or encrypted
            EncryptedPasswordAttr userPassword

            # You can use CheckAttr, ReplyAttr and AuthAttrDef
            # to specify check and reply attributes in the LDAP
            # database. See the reference manual for more
            # information

            # These are the classic things to add to each users
            # reply to allow a PPP dialup session. It may be
            # different for your NAS. This will add some
            # reply items to everyone's reply
            AddToReply Framed-Protocol = PPP,\
                Framed-IP-Netmask = 255.255.255.255,\
                Framed-Routing = None,\
                Framed-MTU = 1500,\
                Framed-Compression = Van-Jacobson-TCP-IP

            # You can enable debugging of the Net::LDAP
            # module with this:
            #Debug 255
        </AuthBy>

        <AuthBy SQL>
            # Adjust DBSource, DBUsername, DBAuth to suit your DB
            DBSource DBI:mysql:hinet:localhost:3306
            DBUsername root
            #DBAuth root
            IgnoreAuthentication

            # For Authentication from Solaris encrypted password
            # AuthByPolicy ContinueWhileAccept
            #AuthSelect select Password,CallingStationId,ServiceType,FramedProtocol,FramedIPNetmask,NASPortType,SimultaneousUse,FramedIPAddress,SessionTimeout,TimeDuration from TblUserLogin where Active=1 and LoginName='%n'
            #AuthColumnDef 0, Encrypted-Password, check
            #AuthColumnDef 1, GENERIC, check
            #AuthColumnDef 2, Service-Type, check
            #AuthColumnDef 3, Framed-Protocol, reply
            #AuthColumnDef 4, Framed-IP-Netmask, reply
            #AuthColumnDef 5, NAS-Port-Type, check
            #AuthColumnDef 6, Simultaneous-Use, check
            #AuthColumnDef 7, GENERIC, reply
            #AuthColumnDef 8, GENERIC, reply
            #AuthColumnDef 9, GENERIC, check

            # You may want to tailor these for your ACCOUNTING table
            AccountingTable TblTransactionRad
            AccountingStopsOnly
            AcctColumnDef LoginName,User-Name
            #,formatted-date,'%Y-%m-%d %H:%M:%S'
            AcctColumnDef TimeClose,Timestamp
            #AcctColumnDef AcctDelayTime,Acct-Delay-Time,integer
            AcctColumnDef RecordType,Acct-Status-Type
            AcctColumnDef BytesIn,Acct-Input-Octets,integer
            AcctColumnDef BytesOut,Acct-Output-Octets,integer
            AcctColumnDef SessionId,Acct-Session-Id
            AcctColumnDef Duration,Acct-Session-Time,integer
            AcctColumnDef TerminationCause,Acct-Terminate-Cause
            AcctColumnDef NASIdentifier,NAS-Identifier
            AcctColumnDef NASIPAddress,NAS-IP-Address
            AcctColumnDef PortNo,NAS-Port,integer
            AcctColumnDef FramedIPAddress,Framed-IP-Address
            AcctColumnDef CLI,Calling-Station-Id
        </AuthBy>
    </AuthBy>

    # Log accounting to the detail file in LogDir
    #AcctLogFileName ./detail
</Realm>

<SessionDatabase SQL>
    # Specify the SQL database to connect to is similar to AuthSQL
    # You can specify multiple databases as fallbacks etc. See
    # the reference manual for more details
    DBSource DBI:mysql:hinet:localhost:3306
    DBUsername root
    #DBAuth root

    # You can alter the SQL statements used to add, delete and count
    # sessions with AddQuery, DeleteQuery, ClearNasQuery and
    # CountQuery. That means you can accommodate many different
    # SQL Session Database schemas. The defaults for these parameters
    # are suitable for the example RADONLINE table in the example SQL
    # scripts in the goodies directory.
    # See the reference manual for more details
    AddQuery insert into TblActiveSessions (LoginName, SessionId,TimeStart,NASIPAddress,FramedIPAddress,PortNo,NASPortType,CLI,NASIdentifier) values \
        ('%n','%{Acct-Session-Id}',now(),'%{NAS-IP-Address}','%a','%{NAS-Port}','%{NAS-Port-Type}','%{Calling-Station-Id}','%N')

    DeleteQuery delete from TblActiveSessions where LoginName='%n' and \
        PortNo=%{NAS-Port} and \
        NASIdentifier='%N'

    ClearNasQuery delete from TblActiveSessions where NASIdentifier='%N'

    CountQuery select NASIdentifier, PortNo, SessionId from TblActiveSessions where LoginName='%n'

    # Optional identifier. It's just a name
    # Identifier SDB1
</SessionDatabase>

<Log SQL>
    DBSource DBI:mysql:hinet:localhost:3306
    DBUsername root
    #DBAuth root
    Table TblRadiusLogs
</Log>
#############################################################
