(RADIATOR) Blocking Time not working (v. 2.13)?
Hi Mike and all, Our production radiator server is still with 2.13. It always worked, but recently we set up some time restrictions, and it isn't working. Users are still connected even when they're in Linux "business" group. My USERS file has the following DEFAULTs: DEFAULT Auth-Type = System, Group = users, Simultaneous-Use = 1 DEFAULT Auth-Type = System, Group = business, Simultaneous-Use = 1 Time = "Sa0700-1200,Wk0700-1900" DEFAULT Auth-Type = Reject, Group = bloqueado When a user from group "bloqueado" tries to log in, access is correctly rejected. The only problem is that the "Time" item is being ignored for group "business". We auth against SHADOW file. My realm: Realm DEFAULT AuthByPolicy ContinueUntilAccept AuthBy FILE /AuthBy/Realm What I'm doing worng? Cheers, Ricardo Freire, MCPAll Ways Provedor Internet
(RADIATOR) DefaultRealm behavior in 2.14
Mike, I'v read this thread brought by Ian, but I didn't understand it. I used to have 4 Clients, all referencing the same DefaultRealm. It always worked before 2.14. Now, it is appending the realm in the username. If I comment the DefaulRealm clause, I get: "Fri Jul 23 16:57:52 1999: WARNING: Could not find a handler: request is ignored" I have to strip out the realm. I think it shouldn't be necessary. So my question is: "How can I have a default realm, without having to strip it out before auth?" Cheers, Ricardo Freire, MCP === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) How to drop calls in Ascend boxes?
Hi all, We have: - Radiator 1.13.1 (with all patches); - NT4 SP5; - Auth By Emerald in MSSQL6.5 (binded to Platypus in RadiusNT mode); - Our NASes are Ascend MAX. How to drop dial-up customers from Radiator? I tried to use radacct.cgi, but I have little knowledge of SNMP OIDs and so... Best Regards, Ricardo Freire === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Re: Error initializing Radiator
Please ignore my last post... I hadn't read yet Mike's response to Gustavo. Latest radiusd works fine. Mike is still incredible fast... :-) Cheers, Ricardo Freire === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Error initializing Radiator
Mike, I always apply all patches you deploy (although most of it I don't need anyway :-). Last monday I applied the latest patches, and Radiator now comes with it: C:\Radiator-2.13.1perl radiusd -config_file c:\etc\radius.cfg -trace 3 Undefined subroutine Radius::Realm::reinitialize called at radiusd line 160. I didn't change *anything* on this server. I just applied some newer .PM (on c:\perl\lib\radius\ folder) and "radiusd" (on c:\radiator-2.13.1\ folder). This is a test environment, so before I rollback all patches I applied, I'd like to hear from you. What should be causing this? Cheers, Ricardo Freire === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Re: your mail
interesting. Do you all feel its a good idea to "lowercase and chop" all usernames like this, and just let the user have "[EMAIL PROTECTED]" incorrectly in their dial up config, or do you think its better to correct for it? I think the RewriteUsername would cut down alot of tech support calls, and really its harmless so long as its only their dialup config that is braindead and not their mail config etc. I think it's not a good idea. Remeber that the password will not be touched, so if your customer forgot to turn off caps lock, the authentication will fail anyway, and support calls will happen. Cheers, Ricardo Freire === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Re: Duplicate request id
Hi Mike, - I have 3 Ascend NASes, and we receive it very often too. - I have NO DupInterval set on my client clauses, so it has the default value. - Should we try another value for this (say, 100 or less)? Cheers, Ricardo Freire Subject: hello, Could someone shed some light on the meaning of the following Duplicate request id 52 received from xxx.xxx.xxx.xxx: ignored I keep getting this message in my logfile every so often. You probably have DupInterval set a bit to big for your setup. Hope that helps. Cheers. === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Simultaneous-Use question
Thanks to all! Now I understand this check item clearly. But I'm still in trouble: If I comment MaxSessions line, everyone can connect more than once at a time. Since all my users are authenticated against a SQLServer table, how should I put "Simultaneous-Use" check item for each user? I tried to use this, with no success (everyone can auth with the right password, regardless the sim-use item): AuthSelect select Password, Simultaneous-Use from Customer where UserName='%n' AuthColumnDef 0, User-Password, check AuthColumnDef 1, Simultaneous-Use, check Am I missing something here? Cheers, Ricardo Freire All Ways Provedor Internet O Primeiro Provedor Totalmente Digital da Bahia Link de 1.2Mb, direto com a Embratel! -Original Message- From: Anton Sparrius [EMAIL PROTECTED] To: Ricardo Freire [EMAIL PROTECTED] Date: Sexta-feira, 19 de Fevereiro de 1999 20:01 Subject: Re: (RADIATOR) Simultaneous-Use question I believe that which ever is lowest, takes affect. So if your Maxsessions is 1, and your Sim-Use is 2, it will only alow 1. However, in your users file, you can put Sim-Use = 1 for the DEFAULT users, and SIm-Use = x for ones that you want different. Then, you don't use MaxSess at all. Regards, Anton Sparrius --- Smarter Wayhttp://www.smart.net.au Email[EMAIL PROTECTED] Phone (03) 9846 1711 Melb 1800-240-829 Sydn 1800-888-761 -Original Message----- From: Ricardo Freire [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] Date: Saturday, February 20, 1999 5:42 AM Subject: (RADIATOR) Simultaneous-Use question Hi Mike, I think Simultaneous-Use overrides MaxSessions option, so I can't figure out why this is not working here: RADIUS.CFG SessionDatabase SQL (stuff here) /SessionDatabase Realm allways.com.br MaxSessions 1 AuthByPolicy ContinueUntilAccept AuthBy EMERALD (stuff here) /AuthBy AuthBy FILE /AuthBy /Realm USERS: ricardo Simultaneous-Use = 2,User-Password = "my password" When I try the second connection (actually via radpwtst), I get this log: Fri Feb 19 16:00:10 1999: INFO: Access rejected for ricardo: MaxSessions exceeded (Do you recognize some patch here? :-) (btw, I'm using radpwtst, so I have to "manually" put a record in the sessiondatabase table). Best regards, Ricardo Freire === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Simultaneous-Use question
Hi Mike, I think Simultaneous-Use overrides MaxSessions option, so I can't figure out why this is not working here: RADIUS.CFG SessionDatabase SQL (stuff here) /SessionDatabase Realm allways.com.br MaxSessions 1 AuthByPolicy ContinueUntilAccept AuthBy EMERALD (stuff here) /AuthBy AuthBy FILE /AuthBy /Realm USERS: ricardo Simultaneous-Use = 2,User-Password = "my password" When I try the second connection (actually via radpwtst), I get this log: Fri Feb 19 16:00:10 1999: INFO: Access rejected for ricardo: MaxSessions exceeded (Do you recognize some patch here? :-) (btw, I'm using radpwtst, so I have to "manually" put a record in the sessiondatabase table). Best regards, Ricardo Freire === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.