Re: (RADIATOR) LDAP COnnection

[Hugh Irvine]

Hello Jaskaran -

Can you please send me a trace 4 debug showing what is happening?

thanks

Hugh

On 13/11/2003, at 3:04 AM, jsingh wrote:

Hello Hugh

� I understand that Radiator is supposed to drop the connection after  
it connects and talks to the LDAP Server. But I can see a connection  
for each of my incoming requests. I changed the configuration file for  
Radiator to sustain one connection, which is not the ideal situation  
as far as my project is concerned. I would like to know if I am  
missing something in my config or is this a bug in radiator. I am  
attaching my config without the secrets. I am using Radiator-3.5 on  
solaris 8 with perl 5.6.1

Thanks

�

Foreground

LogStdout

LogDir����������� /var/log/radius3.5.1���������

DbDir������ .����

Trace������ 4

PidFile ��� /var/log/radius3.5.1/radiusd.pid

AuthPort��� 11645

AcctPort��� 11646

DefineGlobalVar Max 7200

DictionaryFile /usr/local/adm/src/Radiator-3.5/dictionary

�

# Clients to suit your site. ###################################

<Client xx.xx.xx.xx>

����� Secret����� xxxxxx

����� DupInterval 0

</Client>

##################################

�

<Client xxxx.fdu.edu>

����� Secret xxxxx

����� DupInterval 0

</Client>

##################################

<Client xxxxxxx>

����� Secret xxxx

����� DupInterval 0

</Client>

#################################

�

<Client xxx.xx.xx.xxx>

����� Secret xxx

����� DupInterval 0

</Client>

�

<Client xx.xx.xx.xx>

����� #Description Cisco AS5300

����� Secret xxxxx

����� DupInterval 0

</Client>

<Client xx.xx.xx.xx>

����� #Description Cisco AS5300

����� Secret xxxx

����� DupInterval 1

</Client>

<Client DEFAULT>

Secret

DupInterval 0

</Client>

�

<AuthBy LDAP2>

����� ����� Identifier� CheckLDAP��

����������� Host� xxx.fdu.edu

����������� Port 636

����� ����� UseSSL

����������� SSLCAPath /usr/local/adm/etc/

����������� BaseDN dc=xxx, dc=xxx��������

����������� Scope subtree

����������� UsernameAttr� xxxxx����

����������� PasswordAttr� userPassword

����������� ServerChecksPassword���

����������� Timeout 2

��������������� FailureBackoffTime 30

��������������� HoldServerConnection

����������� #CheckAttr cn

�����������������

����������� #AuthAttrDef ipaddress,Framed-IP-Address,reply

�

����������� AddToReply Framed-Protocol = PPP,\

������� ��������� Framed-Routing = None,\

������� ��������� Framed-MTU = 1500,\

����������������� Framed-Compression = Van-Jacobson-TCP-IP,\

����������������� Service-Type = Framed-User,\

����������������� Idle-Timeout = 300

�����������������

����������� Debug 255

�

</AuthBy>  
####################################################################### 
##

<AuthBy SQL>

�����

����� Identifier� Block-Time-SQL

����� DBSource���� dbi:mysql:xxxx:localhost

����� DBUsername�� xxxxxx

����� DBAuth������ xxx

����� DefaultSimultaneousUse 1

����� AccountingTable xxxxx

����� AuthSelect Select Time_Left from RADUSERS where User_Name='%n'

����� AuthColumnDef 0, Session-Timeout,reply

�����

����� AcctSQLStatement Update RADUSERS set Time_Left=Time_Left  
-'%{Acct-Session-Time}'� \����

����������� where User_Name='%n';

�

�

</AuthBy>  
####################################################################### 
#

<AuthLog SQL>

����� Identifier REQUEST

����� DBSource dbi:mysql:xxxx:localhost

����� DBUsername xxxxxx�����

����� DBAuth����������� xxxxxx

����� LogSuccess�

����� SuccessQuery insert into RADAUTHLOG (TIME_STAMP,USERNAME,TYPE)  
values ('%l','%n',1)

����� LogFailure

����� FailureQuery insert into RADAUTHLOG  
(TIME_STAMP,USERNAME,TYPE,REASON) values ('%l','%n',0,%1) </AuthLog>  
####################################################################### 
##

<Realm 1.1>

����� AuthByPolicy ContinueWhileAccept

����� PreAuthHookfile:"/usr/local/adm/bin/filename.pl"

����� AuthBy CheckLDAP

����� AuthBy Block-Time-SQL

����� AuthLog REQUEST��

����� MaxSessions 1

����� PostAuthHookfile:"/usr/local/adm/bin/filename.pl"

����� SessionDatabase SQLDB

</Realm>  
################################################################

<Realm 1.1.1>

����� AccountingHandled

����� AuthByPolicy ContinueWhileAccept

����� PreAuthHookfile:"/usr/local/adm/bin/filename.pl"

����� AuthBy CheckLDAP

����� AuthBy Block-Time-SQL

����� PostAuthHookfile:"/usr/local/adm/bin/filename.pl"

����� MaxSessions 1

����� SessionDatabase SQLDB

����� AcctLogFileName /var/radius/Acct

</Realm>  
#######################################################################

<SessionDatabase SQL>

��������������� Identifier SQLDB

��������������� DBSource�� dbi:mysql:xxx:localhost

��������������� DBUsername xxxxx

��������������� DBAuth���� xxxxx

</SessionDatabase>

�

�

�

Jaskaran Singh

University Systems & Security

Fairleigh Dickinson University

Teaneck,NJ 07666

�

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.