So, I read all of the debugging output and I find that mschap failed
to find a nt/lm password and stop the real authentication at this
moment.
Can you know what is the problem? I think freeradius can't find active
directory but it works when I only use the ntlm_auth command so I
don't understand.
Hello all,
I asked myself how to log rejected requests. For example:
- Certificates which were revoked (CRL)
- Wrong Certificates
- or something else
I thought about something like the post-auth procedure.
Sure there is the possibility to scan the whole radius log file, but that's
not what I
On Thu, Apr 21, 2005 at 01:14:15AM +0200, Emil Wilmanski wrote:
Check output of perl -V, see if it does include useshrplib=true? and
libperl=libperl.so.
$perl -V | grep -i useshrplib
-Duseshrplib -Dlibperl=libperl.so.5.8.4 -Dd_dosuid -des'
libc=/lib/libc-2.3.2.so, so=so,
Hello again,
ok, ok,
Reading often helps ..
Here is an extract of radiusd.conf:
[...]
# Access-Reject packets are sent through the REJECT sub-section of
the
# post-auth section.
# Uncomment the following and set the module name to the ldap
instance
#
Dnia 21-04-2005, czw o godzinie 10:57 +0300, Boian Jordanov napisa(a):
Ok you can see that your perl come with libperl.so.5.8.4 and i guess
that DBI.so is linked against this libperl.so.5.8.4
# ldd /usr/lib/perl5/auto/DBI/DBI.so
libc.so.6 = /lib/tls/i686/cmov/libc.so.6
Hello,
I'm having a bit of trouble matching attribute values in the users
config file. I'm running freeradius 1.0.2. I have several DEFAULT
entries starting with a series of checks. The problem is, on the last
DEFAULT entry the attribute gets added regardless of whether the match
is true or
Hi All,
I'm using freeradius1.0.2 to provide L2TP sessions authentications
between 2 Redbak BAS and 3 Cisco LNS
I can negociated L2TP LNS Tunnel endpoint sessions on a user base
(staticly), but I would like to negociate the tunnel end point in a
dynamic way to integrate failover and load
FreeBSD V5.3
FreeRadius V1.0.2
Windows XP Home
Dlink 2100 Access Point
Dlink G132 USB Wireless Adapter
self-signed server certificates using openssl v0.9.7e
I'm using EAP/TLS successfully, however I'd like to have
the user challenged to enter a password prior to being
given access to the local
Hello
I'm new to the list :-)
I am setting up a chillispot server to manage our future WiFi network
and I wonder if the schemas given with the lastest freeradius
ditribution as it is marqued for LDAP-v3 are OK for LDAP-v2 ?
We actually use LDAP v2 ( openldap 2.0.27 ) as centralized
auth system
I have the following situation. The user XXX exists in the
radcheck table. He has its password and everytingh works ok.
Upon an access-request, if user/password provided are ok, I
get an access-accept response with a reply containing the
attribute assigned to the XXX user in the
, so I want to know:
I downloaded the latest CVS snapshot (freeradius-snapshot-20050421).
Should I use this snapshot in production, or is it better to use 1.0.2
patching it with the fix?
If I should use a patched 1.0.2, what would be the best way to patch it?
Just replace the src/modules/rlm_exec
I have the following situation. The user XXX exists in
the radcheck table. He has its password and
everytingh works ok. Upon an access-request,
if user/password provided are ok, I get an
access-accept response with a reply containing the attribute
assigned to the XXX user in
Frank Bonnet wrote:
I am setting up a chillispot server to manage our future WiFi network
and I wonder if the schemas given with the lastest freeradius
ditribution as it is marqued for LDAP-v3 are OK for LDAP-v2 ?
We actually use LDAP v2 ( openldap 2.0.27 ) as centralized
auth system and we do
Le Jeudi 21 Avril 2005 07:53, Frank Bonnet a écrit :
Hello
I'm new to the list :-)
I am setting up a chillispot server to manage our future WiFi network
and I wonder if the schemas given with the lastest freeradius
ditribution as it is marqued for LDAP-v3 are OK for LDAP-v2 ?
We actually
frad [EMAIL PROTECTED] wrote:
I'm using EAP/TLS successfully, however I'd like to have
the user challenged to enter a password prior to being
given access to the local network.
EAP-TLS doesn't work that way.
You want to use EAP-PEAP, or EAP-TTLS.
Alan DeKok.
-
List
Lucas Aimaretto [EMAIL PROTECTED] wrote:
Hey, come on people ... just wanna know if this is normal or not
I want to get paid to answer questions here. Sadly, that isn't
happening.
But the thing is that the user exists but there was a password failure
... and got the reply attributes
Juan Nin [EMAIL PROTECTED] wrote:
I downloaded the latest CVS snapshot (freeradius-snapshot-20050421).
Should I use this snapshot in production, or is it better to use 1.0.2
patching it with the fix?
Use the 1.0 branch from CVS.
$ cvs -d :pserver:[EMAIL PROTECTED]:/source checkout -r
Sylvain Clerc [EMAIL PROTECTED] wrote:
So, I read all of the debugging output and I find that mschap failed
to find a nt/lm password and stop the real authentication at this
moment.
Yes, but it also failed to find a User-Password.
If you don't tell the server what password to use for
Chris Carver [EMAIL PROTECTED] wrote:
redirectPort80 is an
attribute tied to an ldap attribute through the ldap_attrs file.
Did you define it in the dictionaries?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hey, come on people ... just wanna know if this is normal
or not
I want to get paid to answer questions here. Sadly, that
isn't happening.
I have a theory: meanwhile rougher and sarcastic I put myself, more
attention I receive
The thing is that the user exists but there was
I installed Freeradius server on FreeBSD. The installation went well, but I tried to test it, I got no response from Radius server.
After I ran radiusd, I got "The Apr 21 14:29:23 2005: Info: Starting-reading configuration files... ", then back to radius#
If I ran ps, it seems Radius is not
Title: Can I have multiple authcheck_table in postgresql.conf
Hi all,
I have a freeradius configured with postgresql , both are work well.
Because we have two groups of users in two different authentication tables in the DB, and I want freeradius will check both table when it get
I have just configured freeradius with ntlm, but I dont understand your
problem, Can I help you?
Le Jeudi 21 Avril 2005 12:22, Alan DeKok a écrit :
Sylvain Clerc [EMAIL PROTECTED] wrote:
So, I read all of the debugging output and I find that mschap failed
to find a nt/lm password and stop
Start radiusd like this radiusd X and
you should see it read the config files and it will run in the foreground. The X
is extended debug mode. Equivalent to -sfxx. This
should let you see where the failure is occurring.
David
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Hi again..
First thanks to Alan, and sorry if my previous question had been already asked
Now, I downloaded the 1.0.x branch from CVS, compiled it and
configured it exactly like I had the 1.0.1 running with mysql for
accounting.
Killed the 1.0.1 and started the new one, and the braces
Firewall maybe? This could be quite a few different things. You may want to
run radiusd in debug mode and see if there is ANY communication with the the NT
machine at all. I'm guessing there won't be.
... Miles Mawyer -=- Webmaster . Centralva.net ...
... [EMAIL PROTECTED] ...
...
Juan Nin [EMAIL PROTECTED] wrote:
Should I add these characters to safe-characters in sql.conf??
Sure.
If this is the case, why did this beheaviour change between 1.0.1 and
current CVS?
Because there were bugs fixed.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Brian Gao [EMAIL PROTECTED] wrote:
My question is in the configure file ---postgresql.conf, can I add another
authcheck_table, which means can I have two (or multiple)
authcheck_table in that file? Of course I have to create two
tables(radcheck and radcheck_2) in DB first.
No, but you can
Wolfgang Hottgenroth [EMAIL PROTECTED] wrote:
The ~*, shouldn't that be !* to be in sync with token.h:
Yes. Fixed, thanks.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Guys,
Is it possible for the output of Exec-Program-Wait become check item? let say
user files
==
DEFAULT Realm == foo, Login-Time := Any0900-1200
Exec-Program-Wait := `/tmp/testscript`,
Fall-Through = Yes
Hello,
sorry for this fool question, perhaps this have been discuss before.
i user freeradius-1.0.2 and dialup admin, the problem is, the
clients still can connect through radius server even the daily limit
is over.
i've implement
31 matches
Mail list logo
