Re: [RADIATOR] R: digipass PinEnabled
On 06/25/2013 09:19 PM, Fabio Prina wrote: > In any case I'll appreciate your help > All my tokens are "Digipass Go 6" I think your only choice is to see if there is a second file or a folder mentioning nonstatic or something similar in the name. We do not know enough about the dpx file format to tell how PinEnabled can easily be changed during the import. Changing the PIN or forcing a PIN change for imported tokens does not work with digipass.pl if the PIN is already not enabled. The libraries just respond with 'PIN Not Supported'. I think the similar applies to turning PIN check off. It has to be done during the import. Thanks, Heikki -- Heikki Vatiainen Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
Re: [RADIATOR] R: EAP-Peap-ntlm stops
On 12/12/2011 07:49 PM, Fabio Prina wrote: > I've read the 2 link, and I suppose that this is the problem; my current > samba version is an 3.2.5 > the ntlm auth do not work only in this case If you are using RedHat or Centos, you may want to consider samba3x RPM. I have not used it myself, but apparently ntlm_auth should work with that version. -- Heikki Vatiainen Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
Re: (RADIATOR) %R
Hello Emin - Thanks for sending the log, but I can't see anything wrong with it (other than the second packet shown does not match the debug). Could you please provide me with a bit more detail? BTW - the latest version of Radiator is 2.19. regards Hugh On Tue, 11 Dec 2001 22:28, Bozkurt, Emin wrote: > hi, > i have a problem with the special character "%R". the users of our network > have a lot of different user realms where the realm format is specified as: > dnnnk (for example d001k12345678) ore K (for example > K12345678). > for handeling all the requests with one handler we constructed this > handler. > > Service-Type=Framed-User> > > Filename /usr/local/lib/radiator/users/%R > > > > and now the problem: > it seems, that if there are many request with different realms, the pointer > ( /usr/local/lib/radiator/users/%R) loks at the wrong file to match the > request. > we use radiator 2.18. > by debugging sometimes the file radiator try to match the request is shown > and somtimes not. by rejekt's this information is newer shown, so i can't > check, if radiator looks in the right file or not. > some debugs are attached. > > hope you can help me. > best regards > emin > > > > <> > > > Emin Bozkurt > System Technik > > riodata GmbH > Hessenring 13 a > 64546 Mörfelden > > Fon +49 6105 2843 812 > Mobile+49 163 2843 184 > Fax +49 6105 2843 777 > > www.riodata.de -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) %R
Hi, I guess (but Hugh or Mike could prove me wrong) that the problem lies in caching. I didn't read the source, but I guess the file caching is done on an AuthBy basis (and not on a "different file" basis). The manual states (release 2.18.4): > For performance reasons, AuthBy FILE opens and reads the user database > at start-up, reinitialisation and whenever the file's modification > time changes, (i.e. the database is cached within Radiator). Since the > user database is cached in memory, large databases can require large > amounts of memory. Since the actual file name is known when the first @dnnnk or @K comes in, and that is the file checked for every access in that realm. You could do the following: Filename /usr/local/lib/radiator/users/%R Nocache and that might work, alas, at the expense of performance. If one of those files is too large, you would be in trouble (I think the searches in the file are linear). Proably keeping a copy of the files in a ram disk and pointing to them would speed up the look-ups a bit... but they are still linear, if you can, order the users inside a file by rate of use. El 11 Dec 2001 a las 12:28, Bozkurt, Emin escribió: > hi, > i have a problem with the special character "%R". the users of our network > have a lot of different user realms where the realm format is specified as: > dnnnk (for example d001k12345678) ore K (for example > K12345678). > for handeling all the requests with one handler we constructed this handler. > > Service-Type=Framed-User> > > Filename /usr/local/lib/radiator/users/%R > > > > and now the problem: > it seems, that if there are many request with different realms, the pointer > ( /usr/local/lib/radiator/users/%R) loks at the wrong file to match the > request. > we use radiator 2.18. > by debugging sometimes the file radiator try to match the request is shown > and somtimes not. by rejekt's this information is newer shown, so i can't > check, if radiator looks in the right file or not. > some debugs are attached. > > hope you can help me. > best regards > emin > > > > <> > > > Emin Bozkurt > System Technik > > riodata GmbH > Hessenring 13 a > 64546 Mörfelden > > Fon +49 6105 2843 812 > Mobile+49 163 2843 184 > Fax +49 6105 2843 777 > > www.riodata.de > > > > -- Mariano Absatz El Baby -- Gene Police!!! Get out of the pool!! === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
