Microsoft SQL 2000 interface
All, Sorry to have to bring up the M word, but that's what we have - Microsoft SQL 2000 interfacing with Platypus and Radiator. I searched the FAQ and archives and found no reference to a Microsoft SQL interface. Can I populate my Microsoft SQL DB with freeRadius? If so, how? Thanks, Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Microsoft SQL 2000 interface
Duane, No, I don't know where to start in that department. I'm in the inquiry stage now. Just trying to find out if it can be done. Is there a HOW-TO file somewhere? I just loaded a box with a fresh copy of Fedora 4 and freeRadius. I've been tasked with replacing Radiator, and freeRadius is the preferred path. This is my first stumbling block. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Duane Cox Sent: Wednesday, October 12, 2005 9:15 AM To: FreeRadius users mailing list Subject: Re: Microsoft SQL 2000 interface Yes it can be done. Do you have freeradius talking to the MSSQL db yet? Duane Cox - Original Message - From: Cliff Hayes [EMAIL PROTECTED] To: freeradius-users@lists.freeradius.org Sent: Wednesday, October 12, 2005 8:56 AM Subject: Microsoft SQL 2000 interface All, Sorry to have to bring up the M word, but that's what we have - Microsoft SQL 2000 interfacing with Platypus and Radiator. I searched the FAQ and archives and found no reference to a Microsoft SQL interface. Can I populate my Microsoft SQL DB with freeRadius? If so, how? Thanks, Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Microsoft SQL 2000 interface
Thanks. Went to http://www.freeradius.org/development.html#cvs. Made assumption I need to download CVS. Went there and downloaded it. Came back and executed the command listed on http://www.freeradius.org/development.html#cvs: cvs -d :pserver:[EMAIL PROTECTED]:/source login I entered the password anoncvs and was taken back to the system prompt. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Duane Cox Sent: Thursday, October 13, 2005 2:05 PM To: FreeRadius users mailing list Subject: Re: Microsoft SQL 2000 interface http://www.freeradius.org/development.html#cvs - Original Message - From: Cliff Hayes [EMAIL PROTECTED] To: Duane Cox [EMAIL PROTECTED] Sent: Thursday, October 13, 2005 1:56 PM Subject: RE: Microsoft SQL 2000 interface All, Please help with instructions on how to download the CVS ver of freeradius mentioned below. I'm new to Linux. I know how to tar, configure, and make. Don't know how to CVS. Cliff -Original Message- From: Duane Cox [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 12, 2005 11:12 AM To: Cliff Hayes Subject: Re: Microsoft SQL 2000 interface I've posted this a few times, so you can search the archives for my previous email, or download the CVS ver of freeradius. There is a file in the doc folder called mssql and in there is detailed info for setting up MSSQL and FR. I assume this file will be released into FR 1.0.6 I would read both my post in the email archives and read the doc in CVS. You will have to adjust your views to pull the correct data from platypus. But it is possible to do, yes. Duane Cox - Original Message - From: Cliff Hayes [EMAIL PROTECTED] To: Duane Cox [EMAIL PROTECTED]; FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Wednesday, October 12, 2005 10:19 AM Subject: RE: Microsoft SQL 2000 interface Duane, No, I don't know where to start in that department. I'm in the inquiry stage now. Just trying to find out if it can be done. Is there a HOW-TO file somewhere? I just loaded a box with a fresh copy of Fedora 4 and freeRadius. I've been tasked with replacing Radiator, and freeRadius is the preferred path. This is my first stumbling block. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Duane Cox Sent: Wednesday, October 12, 2005 9:15 AM To: FreeRadius users mailing list Subject: Re: Microsoft SQL 2000 interface Yes it can be done. Do you have freeradius talking to the MSSQL db yet? Duane Cox - Original Message - From: Cliff Hayes [EMAIL PROTECTED] To: freeradius-users@lists.freeradius.org Sent: Wednesday, October 12, 2005 8:56 AM Subject: Microsoft SQL 2000 interface All, Sorry to have to bring up the M word, but that's what we have - Microsoft SQL 2000 interfacing with Platypus and Radiator. I searched the FAQ and archives and found no reference to a Microsoft SQL interface. Can I populate my Microsoft SQL DB with freeRadius? If so, how? Thanks, Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Microsoft SQL 2000 interface
Ok. Now I got it. Thanks for your patience. I wrote the following instructions if the webmaster would like to include it near the CVS lines we've been talking about. I think it would help people who have not used CVS before :) For those of you new to CVS, it is the preferred method of obtaining our software. Here's what to do: 1. visit http://www.nongnu.org/cvs/#downloading and download, unzip, and install the software (standard ./configure, make, make install) 2. make sure you are in the directory where you want our software to go 3. execute the command: cvs -d :pserver:[EMAIL PROTECTED]:/source login 4. you will be prompted for a password, enter: anoncvs 5. nothing will happen, and you will be returned to the system prompt 6. execute the command: cvs -d :pserver:[EMAIL PROTECTED]:/source checkout module (where module is the name of one of the modules listed below) 7. the above will result in the specified software directory being downloaded to your current directory Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok Sent: Thursday, October 13, 2005 3:47 PM To: FreeRadius users mailing list Subject: Re: Microsoft SQL 2000 interface Cliff Hayes [EMAIL PROTECTED] wrote: and executed the command listed on http://www.freeradius.org/development.html#cvs: cvs -d :pserver:[EMAIL PROTECTED]:/source login I entered the password anoncvs and was taken back to the system prompt. Try typing in the *next* command on the web page. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Install - Freeradius can't connect to MySQL
Hello, Warning - newbie installing Freeradius. I get this in the radius.log even though the sql.conf has the correct host/user/password (and I can access MySQL from the command line using the same login criteria): Wed Jun 7 14:01:52 2006 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0 Wed Jun 7 14:01:52 2006 : Error: rlm_sql_mysql: Couldn't connect socket to MySQL server [EMAIL PROTECTED]:radius Wed Jun 7 14:01:52 2006 : Error: rlm_sql_mysql: Mysql error 'Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13)' Wed Jun 7 14:01:52 2006 : Error: rlm_sql (sql): Failed to connect DB handle #0 Wed Jun 7 14:01:52 2006 : Info: Ready to process requests. Thanks, Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Install - Freeradius can't connect to MySQL
Yes sir, sure does. It is the same as mentioned in /etc/my.cnf I also ran mysqladmin -p version to make sure Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Wednesday, June 07, 2006 2:42 PM To: FreeRadius users mailing list Subject: Re: Install - Freeradius can't connect to MySQL Hi, to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13)' does this socket file exist? sounds very much like the classic 'socket not where you expect' issue. eg http://lists.cistron.nl/pipermail/freeradius-users/2004-July/034410.html alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Install - Freeradius can't connect to MySQL
That is correct. Here is an exerpt from sql.conf # Connect info server = localhost login = root password = ***the real password is in the file # Database table configuration radius_db = radius And I have already created the radius database and imported the schema. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of N White Sent: Wednesday, June 07, 2006 2:45 PM To: FreeRadius users mailing list Subject: Re: Install - Freeradius can't connect to MySQL Cliff Hayes wrote: Hello, Warning - newbie installing Freeradius. I get this in the radius.log even though the sql.conf has the correct host/user/password (and I can access MySQL from the command line using the same login criteria): Wed Jun 7 14:01:52 2006 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0 Wed Jun 7 14:01:52 2006 : Error: rlm_sql_mysql: Couldn't connect socket to MySQL server [EMAIL PROTECTED]:radius Wed Jun 7 14:01:52 2006 : Error: rlm_sql_mysql: Mysql error 'Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13)' Wed Jun 7 14:01:52 2006 : Error: rlm_sql (sql): Failed to connect DB handle #0 Wed Jun 7 14:01:52 2006 : Info: Ready to process requests. Thanks, Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Just to clarify. It looks as though MySQL is running on the localhost (same machine as FreeRADIUS) and you are logging into it with username 'root'. The FreeRADIUS database is named 'radius'. This is correct? -- --- | Nick White | | [EMAIL PROTECTED] | --- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FW: Install - Freeradius can't connect to MySQL
Hello again, This may shed some light on the situation. When I run in debug mode with -x option, it looks like it may be connecting. Am I interpreting the output correctly? If so, is it normal to connect 5 times? Cliff Starting - reading configuration files ... Using deprecated naslist file. Support for this will go away soon. Module: Loaded exec rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP Module: Instantiated mschap (mschap) Module: Loaded System Module: Instantiated unix (unix) Module: Loaded eap rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap rlm_eap: Loaded and initialized type gtc rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess Module: Instantiated preprocess (preprocess) Module: Loaded realm Module: Instantiated realm (suffix) Module: Loaded SQL rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (sql): Attempting to connect to [EMAIL PROTECTED]:/radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql (sql): Connected new DB handle, #0 rlm_sql (sql): starting 1 rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 rlm_sql_mysql: Starting connect to MySQL server for #1 rlm_sql (sql): Connected new DB handle, #1 rlm_sql (sql): starting 2 rlm_sql (sql): Attempting to connect rlm_sql_mysql #2 rlm_sql_mysql: Starting connect to MySQL server for #2 rlm_sql (sql): Connected new DB handle, #2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 rlm_sql_mysql: Starting connect to MySQL server for #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql (sql): starting 4 rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 rlm_sql_mysql: Starting connect to MySQL server for #4 rlm_sql (sql): Connected new DB handle, #4 Module: Instantiated sql (sql) Module: Loaded Acct-Unique-Session-Id Module: Instantiated acct_unique (acct_unique) Module: Loaded files Module: Instantiated files (files) Module: Loaded detail Module: Instantiated detail (detail) Module: Loaded radutmp Module: Instantiated radutmp (radutmp) Initializing the thread pool... Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Cliff Hayes Sent: Wednesday, June 07, 2006 2:28 PM To: freeradius-users@lists.freeradius.org Subject: Install - Freeradius can't connect to MySQL Hello, Warning - newbie installing Freeradius. I get this in the radius.log even though the sql.conf has the correct host/user/password (and I can access MySQL from the command line using the same login criteria): Wed Jun 7 14:01:52 2006 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0 Wed Jun 7 14:01:52 2006 : Error: rlm_sql_mysql: Couldn't connect socket to MySQL server [EMAIL PROTECTED]:radius Wed Jun 7 14:01:52 2006 : Error: rlm_sql_mysql: Mysql error 'Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13)' Wed Jun 7 14:01:52 2006 : Error: rlm_sql (sql): Failed to connect DB handle #0 Wed Jun 7 14:01:52 2006 : Info: Ready to process requests. Thanks, Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FW: Install - Freeradius can't connect to MySQL
Here's even more light: When I start freeradius by just typing radiusd on the command line, it connects to MySQL ok. But if I start it like I'm supposed to: service radiusd start, it doesn't. I'm using Fedora 5 with the latest freeradius.i386, freeradius-unixODBC.i386, and freeradius-mysql.i386. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Cliff Hayes Sent: Wednesday, June 07, 2006 4:03 PM To: freeradius-users@lists.freeradius.org Subject: FW: Install - Freeradius can't connect to MySQL Hello again, This may shed some light on the situation. When I run in debug mode with -x option, it looks like it may be connecting. Am I interpreting the output correctly? If so, is it normal to connect 5 times? Cliff Starting - reading configuration files ... Using deprecated naslist file. Support for this will go away soon. Module: Loaded exec rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP Module: Instantiated mschap (mschap) Module: Loaded System Module: Instantiated unix (unix) Module: Loaded eap rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap rlm_eap: Loaded and initialized type gtc rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess Module: Instantiated preprocess (preprocess) Module: Loaded realm Module: Instantiated realm (suffix) Module: Loaded SQL rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (sql): Attempting to connect to [EMAIL PROTECTED]:/radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql (sql): Connected new DB handle, #0 rlm_sql (sql): starting 1 rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 rlm_sql_mysql: Starting connect to MySQL server for #1 rlm_sql (sql): Connected new DB handle, #1 rlm_sql (sql): starting 2 rlm_sql (sql): Attempting to connect rlm_sql_mysql #2 rlm_sql_mysql: Starting connect to MySQL server for #2 rlm_sql (sql): Connected new DB handle, #2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 rlm_sql_mysql: Starting connect to MySQL server for #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql (sql): starting 4 rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 rlm_sql_mysql: Starting connect to MySQL server for #4 rlm_sql (sql): Connected new DB handle, #4 Module: Instantiated sql (sql) Module: Loaded Acct-Unique-Session-Id Module: Instantiated acct_unique (acct_unique) Module: Loaded files Module: Instantiated files (files) Module: Loaded detail Module: Instantiated detail (detail) Module: Loaded radutmp Module: Instantiated radutmp (radutmp) Initializing the thread pool... Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Cliff Hayes Sent: Wednesday, June 07, 2006 2:28 PM To: freeradius-users@lists.freeradius.org Subject: Install - Freeradius can't connect to MySQL Hello, Warning - newbie installing Freeradius. I get this in the radius.log even though the sql.conf has the correct host/user/password (and I can access MySQL from the command line using the same login criteria): Wed Jun 7 14:01:52 2006 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0 Wed Jun 7 14:01:52 2006 : Error: rlm_sql_mysql: Couldn't connect socket to MySQL server [EMAIL PROTECTED]:radius Wed Jun 7 14:01:52 2006 : Error: rlm_sql_mysql: Mysql error 'Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13)' Wed Jun 7 14:01:52 2006 : Error: rlm_sql (sql): Failed to connect DB handle #0 Wed Jun 7 14:01:52 2006 : Info: Ready to process requests. Thanks, Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Logging
Hello all, Making good progress learning Freeradius. With your help, my new server is running and authenticating now. However, we are used to being able to see logs of all activity (tail -f logfile). With Freeradius, nothing is being written to the logs unless there is a problem. How can I get the logs to show the same stuff that scrolls when Freeradius is in debug mode? That's the level of detail we're used to seeing in the logs. Thanks, Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Logging
Chris, All of those 3 options you mentioned were already set. What else could be wrong? Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Chris Carver Sent: Friday, June 09, 2006 9:33 AM To: FreeRadius users mailing list Subject: Re: Logging Cliff Hayes wrote: Hello all, Making good progress learning Freeradius. With your help, my new server is running and authenticating now. However, we are used to being able to see logs of all activity (tail -f logfile). With Freeradius, nothing is being written to the logs unless there is a problem. This is the normal behavior. You can add additional auth-related logging using these variables in radiusd.conf: log_auth = yes log_auth_badpass = yes log_auth_goodpass = yes How can I get the logs to show the same stuff that scrolls when Freeradius is in debug mode? That's the level of detail we're used to seeing in the logs. I'm really not sure if this is possible because when you using the debugging command line options it tells the server to print them to stderr. I'm not aware of any command line options that can change this. You could always redirect the output. radiusd -xxx radius.log Chris Carver Network Engineer - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Logging
Kevin, Tried that. Unfortunately, it acts like starting radiusd with the -x option, which scrolls all output to the screen. I use Fedora 5 with radiusd configured as a service, so when I do service radiusd start, it starts scrolling to the screen. There will not usually be a terminal window dedicated to this box. Also, attempting to stop the scrolling (CTL-C) also terminates the radiusd process. What I really need is for the data to go to the log file. log_auth_goodpass = yes does not appear to work for me for some reason. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kevin Bonner Sent: Friday, June 09, 2006 10:38 AM To: FreeRadius users mailing list Subject: Re: Logging On Friday 09 June 2006 10:57, Cliff Hayes wrote: Chris, All of those 3 options you mentioned were already set. What else could be wrong? Cliff Add this to radiusd.conf: debug_level = 2 (or 3) Debug level 2 gives you the same output as -xx, level 3 gives even more output (and timestamps!). Kevin Bonner - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FW: Logging
I also tried starting radius with -y option (per readme http://www.freeradius.org/radiusd/doc/README) and still there is nothing written to the logs for a good login. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Cliff Hayes Sent: Friday, June 09, 2006 11:02 AM To: FreeRadius users mailing list Subject: RE: Logging Kevin, Tried that. Unfortunately, it acts like starting radiusd with the -x option, which scrolls all output to the screen. I use Fedora 5 with radiusd configured as a service, so when I do service radiusd start, it starts scrolling to the screen. There will not usually be a terminal window dedicated to this box. Also, attempting to stop the scrolling (CTL-C) also terminates the radiusd process. What I really need is for the data to go to the log file. log_auth_goodpass = yes does not appear to work for me for some reason. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kevin Bonner Sent: Friday, June 09, 2006 10:38 AM To: FreeRadius users mailing list Subject: Re: Logging On Friday 09 June 2006 10:57, Cliff Hayes wrote: Chris, All of those 3 options you mentioned were already set. What else could be wrong? Cliff Add this to radiusd.conf: debug_level = 2 (or 3) Debug level 2 gives you the same output as -xx, level 3 gives even more output (and timestamps!). Kevin Bonner - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
NAS table fields
Hello, I looked through all the documentation I could find and surfed google but could not find details on what needs to go in the NAS fields. For example, in the clients.conf file, the only required fields are SECRET and SHORTNAME. In the NAS table, SHORTNAME is optional (can be NULL), and NASNAME cannot be NULL. So, do I copy what I had in the clients.conf SHORTNAME into the NAS table NASNAME? If so, what is SHORTNAME FOR? Also, what is COMMUNITY for? Which fields are used by FreeRadius and which ones are just for reference? Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Logging
But but but... Why doesn't log_auth_goodpass work for me? Does it work for you? This kind of stuff always happens to me (excuse burst of self-pity). -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kevin Bonner Sent: Friday, June 09, 2006 2:04 PM To: FreeRadius users mailing list Subject: Re: Logging On Friday 09 June 2006 12:01, Cliff Hayes wrote: Kevin, Tried that. Unfortunately, it acts like starting radiusd with the -x option, which scrolls all output to the screen. I use Fedora 5 with radiusd configured as a service, so when I do service radiusd start, it starts scrolling to the screen. There will not usually be a terminal window dedicated to this box. Also, attempting to stop the scrolling (CTL-C) also terminates the radiusd process. What I really need is for the data to go to the log file. log_auth_goodpass = yes does not appear to work for me for some reason. Cliff D'oh! I've only ever used that config option when running on the CLI, mainly to continue debugging output after a HUP. I doubt you can do what you want without code changes. Kevin Bonner - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
NAS Server Type
I am a new FreeRadius user and am attempting to switch to FreeRadius. I am trying to switch from clients.conf to the MySQL NAS table. There is a field named type which, per http://www.freeradius.org/radiusd/doc/README has one of the values below. However, when I call our primary carrier, they don't have that information and have never been asked that question. Is type a required field? 3Com/USR Hiper Arc Total Control usrhiper 3Com/USR NetServernetserver 3Com/USR TotalControl tc Ascend Max 4000 familymax40xx Cisco Access Server familycisco Cistron PortSlave portslave Computone PowerRack computone Cyclades PathRAS pathras Livingston PortMaster livingston Multitech CommPlete Servermultitech Patton 2800 familypatton Thanks, Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Logging
Not sure how to check the value of that option when running in debug mode as you mentioned. I started radiusd -x, but it doesn't list any options. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kevin Bonner Sent: Friday, June 09, 2006 3:24 PM To: FreeRadius users mailing list Subject: Re: Logging On Friday 09 June 2006 15:51, Cliff Hayes wrote: But but but... Why doesn't log_auth_goodpass work for me? Does it work for you? This kind of stuff always happens to me (excuse burst of self-pity). I'd say to check the value of that option when running in debug mode. On my radius testing server running 1.1.2, it works fine. Kevin Bonner - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
nas table
Hello, I am a new user trying to set up FreeRadius on Fedora 5. I purchased a copy of Hassell's Radius book; didn't seem to help much. I was able to get it to work with clients.conf Then, I converted to MySQL. I think I'm supposed to copy the clients into the nas table, so I did that, but the table doesn't appear to be being used. What do I have to do to use the table? Am I supposed to be using the table? Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: nas table
Thanks. Found it on the last line. readclients = yes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok Sent: Monday, June 12, 2006 7:29 PM To: FreeRadius users mailing list Subject: Re: nas table Cliff Hayes [EMAIL PROTECTED] wrote: Then, I converted to MySQL. I think I'm supposed to copy the clients into the nas table, so I did that, but the table doesn't appear to be being used. What do I have to do to use the table? Am I supposed to be using the table? read sql.conf. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Stripped username
Hello,
New user making good progress. Can see light at end of tunnel.
I need to be able to only store the username without realm in the MySQL
radcheck table.
In the sql.conf file, I have tried commenting out the following:
#sql_user_name = %{User-Name}
...and un-commenting the following:
sql_user_name = %{Stripped-User-Name:-%{User-Name:-DEFAULT}}
...and it does not work. But, if I put the username with realm in the
radcheck table, then it works.
I also uncommented the following in the sql.conf file:
default_user_profile = DEFAULT
Cliff
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Stripped username
Thanks. That was it! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok Sent: Tuesday, June 13, 2006 11:52 AM To: FreeRadius users mailing list Subject: Re: Stripped username Cliff Hayes [EMAIL PROTECTED] wrote: I need to be able to only store the username without realm in the MySQL radcheck table. To do that, you need to configure a realm, or a DEFAULT realm, so that the username will be stripped before it gets to SQL. Alan Dekok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radreply table / OP field length
Hello, The included db_mysql.sql which creates the MySQL schema required for FreeRADIUS created the radreply table with a two-character OP field (I assume for use with =, =, etc). It defaults to a single = and when I add a record, subsequent queries from a Microsoft SQL 2000 linked Database connection fail because it wants both characters filled (== maybe). We use Platypus as our billing system, which resides in the Microsoft SQL 2000 environment and talks to FreeRADIUS via the link mentioned above. Should I change the default to == or is there something else? Here is the error: Server: Msg 7347, Level 16, State 1, Line 1 OLE DB provider 'MSDASQL' returned an unexpected data length for the fixed-length column '[FreeRADIUS]...[radreply].op'. The expected data length is 2, while the returned data length is 1. OLE DB error trace [Non-interface error: Unexpected data length returned for the column: ProviderName='MSDASQL', TableName='[FreeRADIUS]...[radreply]', ColumnName='op', ExpectedLength='2', ReturnedLength='1']. Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Stripped username
Alan,
I thought I had this working, but it's not after all. I forgot to change
radcheck back to the username only (no realm). When I did that, I could no
longer authenticate.
I added the following to the realms file per your suggestion:
realm afotest.net {
type= radius
authost = LOCAL
accthost= LOCAL
}
I tried using both of the following (one at a time) in the radiusd.conf
file:
sql_user_name = %{Stripped-User-Name:-%{User-Name:-DEFAULT}}
sql_user_name = %{User-Name}
FreeRADIUS sees the request, but still gives Login incorrect
Cliff
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Behalf Of Alan DeKok
Sent: Tuesday, June 13, 2006 11:52 AM
To: FreeRadius users mailing list
Subject: Re: Stripped username
Cliff Hayes [EMAIL PROTECTED] wrote:
I need to be able to only store the username without realm in the MySQL
radcheck table.
To do that, you need to configure a realm, or a DEFAULT realm, so
that the username will be stripped before it gets to SQL.
Alan Dekok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Proxy.conf clients.conf
Hello, I am a new FreeRADIUS user. The server is working for us. However, I am wondering why it won't start if I comment out the includes for clients.conf and proxy.conf. Even setting to debug level 3 doesn't tell me why. We are not proxying, and I have proxying turned off. Also, the clients file is almost completely commented out except for the 127.0.0.1 section, which the directions say should be commented out anyway after testing. Thanks in advance, Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Attribute Operators
Perfect! Thanks. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Peter Nixon Sent: Thursday, September 14, 2006 4:48 PM To: FreeRadius users mailing list Subject: Re: Attribute Operators On Thu 14 Sep 2006 19:09, Cliff Hayes wrote: Hello everyone, Does anyone know of a good reference site for the attribute operators (:=, ==, +=) that shows what each means? http://wiki.freeradius.org/index.php/Operators -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Proxy.conf clients.conf
Oops. I forgot to mention that I am using MySQL and have all my client data in the nas table and attributes in the radgroupreply table. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Seferovic Edvin Sent: Friday, September 15, 2006 11:28 AM To: 'FreeRadius users mailing list' Subject: RE: Proxy.conf clients.conf Hello, how do you except the server to work if he doesn't know which clients are allowed to use it? Commenting out the proxy.conf should not affect the server if you do not need proxy features. Regards, Edvin Seferovic -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] g] On Behalf Of Cliff Hayes Sent: Freitag, 15. September 2006 18:07 To: freeradius-users@lists.freeradius.org Subject: Proxy.conf clients.conf Hello, I am a new FreeRADIUS user. The server is working for us. However, I am wondering why it won't start if I comment out the includes for clients.conf and proxy.conf. Even setting to debug level 3 doesn't tell me why. We are not proxying, and I have proxying turned off. Also, the clients file is almost completely commented out except for the 127.0.0.1 section, which the directions say should be commented out anyway after testing. Thanks in advance, Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Proxy.conf clients.conf
Ok, thanks. But how about the include statement for proxy.conf? I have proxy set to No, but if I comment out the include statement, FreeRADIUS will not start. I am using MySQL database interface. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Friday, September 15, 2006 3:24 PM To: FreeRadius users mailing list Subject: Re: Proxy.conf clients.conf Hi, Also, the clients file is almost completely commented out except for the 127.0.0.1 section, which the directions say should be commented out anyway after testing. just tested behaviour in 2.0 CVS pre release. you dont need to have clients.conf - its a 1.1.x issue that you are seeing alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Proxy.conf clients.conf
Sorry. That's the first thing I looked for. Even with debug set to 3 I get no message. It says it is attempting to load the config files, then says FAILED. I am using Fedora, and to install all I did was: yum install freeradius.i386 yum install freeradius-unixODBC.i386 yum install freeradius-mysql.i386 So...I don't have the binary so I start it with: service radiusd start and no doubt I don't get the same feedback as if I were starting a binary. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok Sent: Friday, September 15, 2006 4:26 PM To: FreeRadius users mailing list Subject: Re: Proxy.conf clients.conf Cliff Hayes [EMAIL PROTECTED] wrote: I have proxy set to No, but if I comment out the include statement, FreeRADIUS will not start. Presumably it prints out some kind of error message. What would that be? Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Proxy.conf clients.conf
I have 1.1.2, so I'll have to upgrade. Thanks. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Friday, September 15, 2006 4:40 PM To: FreeRadius users mailing list Subject: Re: Proxy.conf clients.conf Hi, Ok, thanks. But how about the include statement for proxy.conf? I have proxy set to No, but if I comment out the include statement, FreeRADIUS will not start. I am using MySQL database interface. I cannot see such a problem with proxy.conf on either 1.1.3 or 2.0pre alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Proxy.conf
Hello, --1-- I am running FreeRADIUS 1.1.2 with MySQL database support. When I comment out the include line for proxy.conf, my users can no longer authenticate. The logs show their entire username + realm instead of just the username. I figure it is because it can't strip the realm anymore because it doesn't know what the realm is. There are REALM sections in the proxy.conf, with type, authhost, and accthost statements. I have entries there for each of my realms. I have not found an equivalent to the REALMS section of proxy.conf in MySQL. Do I use the radgroupcheck table? If so, do I add the authost and accthost lines? --2-- Does auth-type=local have to be in both radgroupcheck and radgroupreply? Cliff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Proxy.conf
Ok. Thanks. I'm trying to learn. The instructions in radiusd.conf say the following: # To disable proxying, change the yes to no, and comment the # $INCLUDE line. Here's the issue -- how can I comment out the include line if that is what causes my problem. I want to disable proxying. I thought, since that was in the instructions, there must be some other place to put realm info. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok Sent: Monday, September 18, 2006 1:20 PM To: FreeRadius users mailing list Subject: Re: Proxy.conf Cliff Hayes [EMAIL PROTECTED] wrote: When I comment out the include line for proxy.conf, my users can no longer authenticate. The logs show their entire username + realm instead of just the username. I figure it is because it can't strip the realm anymore because it doesn't know what the realm is. Exactly. There are REALM sections in the proxy.conf, with type, authhost, and accthost statements. I have entries there for each of my realms. I have not found an equivalent to the REALMS section of proxy.conf in MySQL. Do I use the radgroupcheck table? If so, do I add the authost and accthost lines? You can't put the REALMS into SQL. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FW: Proxy.conf
No reponse. Allow me to restate the question. There in instructions in radiusd.conf that say # To disable proxying, change the yes to no, and comment the # $INCLUDE line. But, it appears that the $INCLUDE for proxy.conf is mandatory regardless of whether proxying is done because it contains the realms. If so, that is an error in the instructions. If not, then I'm missing something and would like to know because I am not proxying. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Cliff Hayes Sent: Monday, September 18, 2006 3:49 PM To: FreeRadius users mailing list Subject: RE: Proxy.conf Ok. Thanks. I'm trying to learn. The instructions in radiusd.conf say the following: # To disable proxying, change the yes to no, and comment the # $INCLUDE line. Here's the issue -- how can I comment out the include line if that is what causes my problem. I want to disable proxying. I thought, since that was in the instructions, there must be some other place to put realm info. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok Sent: Monday, September 18, 2006 1:20 PM To: FreeRadius users mailing list Subject: Re: Proxy.conf Cliff Hayes [EMAIL PROTECTED] wrote: When I comment out the include line for proxy.conf, my users can no longer authenticate. The logs show their entire username + realm instead of just the username. I figure it is because it can't strip the realm anymore because it doesn't know what the realm is. Exactly. There are REALM sections in the proxy.conf, with type, authhost, and accthost statements. I have entries there for each of my realms. I have not found an equivalent to the REALMS section of proxy.conf in MySQL. Do I use the radgroupcheck table? If so, do I add the authost and accthost lines? You can't put the REALMS into SQL. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
