Hello Loai -
Thanks for sending the configuration and debug.
On Sunday, Aug 17, 2003, at 23:07 Australia/Melbourne, Loai Marashdeh wrote:
Hi everybody, can anyone help with these issues?
�
1.How can I get the plain text password. Whenever I request the password it gives me the�encrypted password.
I need it because I want to make a stored procedure and send the authentication to the
SQL Server (e.g AuthSelect exec AuthStProc username,password).
�
You can use the %P special character for the plaintext password (this will only work with PAP authentication).
2. In our old RADIUS system,We have groups for a�specified number�of pools. How can I make a group to collect these pools as when a user connects with a group number, he will�be assigned an IP Address from these specified pools for this group.
�
How do you know when a user is part of a particular group? If it is a field in the database, you could use the group value as the PoolHint for the AuthBy DYNADDRESS after retrieving it from the database.
In fact now that I look at your configuration file and debug I see that you have done this and it also appears to be working fine.
3. When I Authenticate a user, I take a field from the database called csntgroup, this identifies the group number of the user, I need this number to be stored�in the accounting table (RADIUS called here), I tried different ways but it returned Null.
is it a proper way�to use the pools as groups as I have used, or is there a better way? I also need it in the Failed Attmepts table.
�
It would be simpler if you put the "csntgroup" into a Class attribute and used that for both the PoolHint and for the accounting.
Ie.
<AuthBy SQL>
DBSource dbi:ODBC:radiator
DBUsername xxx
DBAuth xxx
NoDefault
#IgnoreAccounting
RcryptKey mysecret
#RcryptKey des_set_key
AuthSelect if exists (select * from Accounts a , SessionsAndIPs s where a.username=s.username \
and s.USERNAME=%0 and statusid='0') \
select PASSWORD,maxsessions,fixedipaddress,csntgroup from accountsview where USERNAME=%0 and statusid='0' \
else \
select PASSWORD,1 as maxsessions,fixedipaddress,csntgroup from accountsview where USERNAME=%0 and statusid='0'
#AuthColumnDef 0, PASSWORD, check
AuthColumnDef 0, User-Password, check
#AuthColumnDef 1, GENERIC, check
#AuthColumnDef 2, GENERIC, reply
AuthColumnDef 1, Simultaneous-Use, check
AuthColumnDef 2, Framed-IP-Address, reply
AuthColumnDef 3, Class, reply
AccountingTable RADIUS
AcctColumnDef DATE,Timestamp,integer-date,%m/%d/%Y
AcctColumnDef TIME,Timestamp,integer-date,%H:%M:%S
AcctColumnDef [USER-NAME],User-Name
AcctColumnDef [Group-Name],Group1
AcctColumnDef [ACCT-STATUS-TYPE],Acct-Status-Type
AcctColumnDef [ACCT-SESSION-ID],Acct-Session-Id
AcctColumnDef [ACCT-SESSION-TIME],Acct-Session-Time,integer
AcctColumnDef [ACCT-INPUT-PACKETS],Acct-Input-Packets,integer
AcctColumnDef [ACCT-OUTPUT-PACKETS],Acct-Output-Packets,integer
AcctColumnDef [FRAMED-IP-ADDRESS], Framed-IP-Address
#AcctColumnDef [ACCTDELAYTIME],Acct-Delay-Time,integer
#AcctColumnDef [NASIDENTIFIER],NAS-IP-Address
AcctColumnDef [Calling-Station-Id],Calling-Station-Id
AcctColumnDef [NAS-PORT],NAS-Port,integer
AcctColumnDef [ACCT-TERMINATE-CAUSE],Acct-Terminate-Cause
#AcctColumnDef [ACCTTERMINATECAUSE],Ascend-Disconnect-Cause
AcctColumnDef CLASS, Class
AcctInsertQuery If ('%{Framed-IP-Address}'<>'') \
begin insert into %0 (%1) values (%2) end
</AuthBy>
.....
<AuthBy DYNADDRESS>
AddressAllocator SQLAllocator
PoolHint %{Reply:Class}
</AuthBy>
4. How can I get�the attributes(Acct-Input-Packets and Acct-Output-Packets). When I request them it gives me a value of Null,
By default the radiator gives the Acct-Input-Octets and Acct-Output-Octets. I inserted these attributes with radpwtst utility and it worked, but why the Acct-Input-Octets and Acct-Output-Octets works without inserting them with radpwtst?
�
The Acct-Input-Octets and Acct-Output-Octets attributes are reported by the NAS in the accounting stop. If the NAS sends those attributes they will be inserted in the database - if the NAS does not send them then there is nothing to insert.
5. There is a warning message:" WARNING: No such attribute PoolHint", why it gives me this message?
�
See above comment regarding using the Class attribute instead (PoolHint is not a radius attribute, so Radiator issues a warning).
I used this command:
D:\Perl\bin>perl radpwtst -user mikem -password fred Acct-Terminate-Cause=1 Acct-Input-Packets=12
Acct-Output-Packets=1234
�
We are testing the product using the radpwtst utility,Radiator 3.6�(evaluation version), windows 2000 Advanced Server, MSSQL Server 2000.
Attached the the radius.cfg file and the last log trace.
�
�Your support is appreciated.
�
regards
Hugh
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
