On Fri, Sep 02, 2005 at 01:16:31AM +0200, Thor Spruyt wrote:
I'm wondering if rlm_perl will support pre/post-proxy functions in the next
release?
This is allready in CVS. You can checkout release 1.19 of rlm_perl and
use it with freeradius 1.0.4
--
Best Regards,
Boian Jordanov
SNE
Orbitel -
Alan DeKok [EMAIL PROTECTED] rašė:
Use LDAP as a database, not as an authentication server.
See many, many, posts on this topic to this list.
Is there a way to do this authentification and NOT turning MS-CHAP
protocol in VPN box? Are there some kind of preauth hooks in Radius?
Have
Thank You Alan and Stefan for your replies.
So if I understand correctly in case of authentication methods like
CHAP the client does NOT SEND ANYTHING SIGNED with the shared secret
and as such the RADIUS server CANNOT verify whether the client has the
proper shared secret. In this case it is the
Hi,
Please check the certificate used by the LDAP server using
iManager. In case the server is using SSL CERTIFICATE DNS(by default
this is what is used) you need to enter hostname of the LDAP server in
the server field below and not the IP address.
ldap ldap1 {
server =
Hello
In my radius I'm using two ldap for authenticating users.
Some users have accounts in the two ldaps
my radiusd.conf
authorize {
ldap_etu
ldap_prof
}
authenticate {
Auth-Type LDAP {
ldap_etu {
reject = 1
}
Title: Message
Hi,
I use Funk Odyssey. It works really well with EAP-TTLS/PAP.
We use an LDAP connection to our AD Global Catalogs to just query the validity
of the user credentials and obtain the memberOf attributes.
The Odyssey GINA module seems pretty reliable.
Rgds,
Guy
.
-- next part --An HTML attachment was scrubbed...URL: https://list.xs4all.nl/pipermail/freeradius-users/attachments/20050902/f1c59f12/attachment-0001.html
--Message: 5Date: Fri, 02 Sep 2005 02:04:38 +0200From: J?r?my Cluzel [EMAIL PROTECTED]Subject
All, ( Apologies for the size of the is mail before beginning :-)
Have already got this working once. I inserted an extra printf statement in
the radclient.c file yesterday and remade
just to get extra information. Ever since then its decided not to play ball
even after a reboot and backing out
Hi.
I'm having sort of a cache problem using the passwd module.
I'm using the passwd module to lookup users in a SMBPASSWD file. This
works great. But if new users are added or a user change his/hers
password. Then I have to restart freeradius to make changes visible to
freeradius.
Is there a
Things to look for for machine auth:
* SP2 or at least KB826942 loaded
* AuthMode key set to 2
* certs + ca loaded into machine store
* certs with the correct attributes + the magic attribute I've mentioned before
* make sure you select the correct CA in Validate server certificate section
* send
Hi,
I want to use
- EAP-TLS for machine auth (with cert.)
then
- EAP-PEAP for the user auth (with login/password)
I managed to make both to work alone but not together...
I just want to follow the xp supplicant behaviour:
- computer auth. before logon to gain network access to the domain
Vilius =?utf-8?b?xaB1bXNrYXM=?= [EMAIL PROTECTED] wrote:
When I connect to VPN, user and password are verified and radius says
their are ok. After that VPN client registers me on the network (gets
IP address and so on). But in the middle of registration something
happens and I get
Hi Jeremy,
Unfortunately, the windows supplicant won't let you do that. Various third
party supplicants can do it but not the one included by MS.
Again, I know that the Funk Odyssey client can do this because I've done it
myself (before I got GINA working). My main area of dissatisfaction
Iandc Davies [EMAIL PROTECTED] wrote:
Copied dictionary file from an old server version (0.8.1) - file available
at bottom of mail
PLEASE don't do that. It's not necessary at all. The dictionaries
SHOULD NOT be edited, unless you know EXACTLY what you're doing.
1. In the /etc/raddb/users
Sayantan Bhowmick [EMAIL PROTECTED] wrote:
So if I understand correctly in case of authentication methods like
CHAP the client does NOT SEND ANYTHING SIGNED with the shared secret
and as such the RADIUS server CANNOT verify whether the client has the
proper shared secret. In this case it is
Boian Jordanov wrote:
On Fri, Sep 02, 2005 at 01:16:31AM +0200, Thor Spruyt wrote:
I'm wondering if rlm_perl will support pre/post-proxy functions in
the next release?
This is allready in CVS. You can checkout release 1.19 of rlm_perl and
use it with freeradius 1.0.4
Sure, but will it be
when I go to start radiusd I get the following error:
radiusd.conf[1383] Failed to link to module 'rlm_exec':
dlopen(/usr/local/lib/rlm_exec-1.0.4.so, 9): Symbol not found:
_debug_flag Referenced from: /usr/local/lib/rlm_exec-1.0.4.so
Expected in: flat namespace
This is a fresh install on a
Thor Spruyt [EMAIL PROTECTED] wrote:
This is allready in CVS. You can checkout release 1.19 of rlm_perl and
use it with freeradius 1.0.4
Sure, but will it be in the next official release?
I'll take a look at it.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Erling Paulsen [EMAIL PROTECTED] wrote:
I'm using the passwd module to lookup users in a SMBPASSWD file. This
works great. But if new users are added or a user change his/hers
password. Then I have to restart freeradius to make changes visible to
freeradius.
Or, send it a HUP signal.
I have this line in my /etc/raddb/users file: DEFAULT
Auth-Type = System
rad_check_password: Found Auth-Type System
auth: type System
ERROR: Unknown value specified for Auth-Type.
Cannot perform requested action.
auth: Failed to validate the user.
Login incorrect: [aweaver/12345]
Supplicant: Windows XP SP2 setup for PEAP authentication
WAP: D-Link DI-524
Server: SuSe LINUX 9.3, freeradius-1.0.2-5.5
I'm trying to setup RADIUS/WPA authentication using PEAP as described in -
http://www.ibiblio.org/pub/Linux/docs/HOWTO/8021X-HOWTO - but I never seem to
get past the Sending
Adam Tauno Williams [EMAIL PROTECTED] wrote:
I'm trying to setup RADIUS/WPA authentication using PEAP as
described in -
http://www.ibiblio.org/pub/Linux/docs/HOWTO/8021X-HOWTO - but I
never seem to get past the Sending Access-Challenge after I enter
my username and password on the client.
In the enterprise where I'm working, a server with Radius failed last
week... The HD doesn't work again, and the config of the Radius server
wasn't in backup.
This server is used by an application that come with instrucctions about how
to config a dictonary in Radius server, and this is the
Borrame Deleteme [EMAIL PROTECTED] wrote:
This server is used by an application that come with instrucctions about how
to config a dictonary in Radius server, and this is the instrucctions. The
program is called Walabi:
1.- Added the following 4 lines in vendor.ini
FreeRADIUS doesn't
:(
On 9/2/05, Daniel Corbe [EMAIL PROTECTED] wrote:
when I go to start radiusd I get the following error:
radiusd.conf[1383] Failed to link to module 'rlm_exec':
dlopen(/usr/local/lib/rlm_exec-1.0.4.so, 9): Symbol not found:
_debug_flag Referenced from: /usr/local/lib/rlm_exec-1.0.4.so
Daniel Corbe [EMAIL PROTECTED] wrote:
:(
Google the mailing list archives.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok wrote:
Erling Paulsen [EMAIL PROTECTED] wrote:
I'm using the passwd module to lookup users in a SMBPASSWD file. This
works great. But if new users are added or a user change his/hers
password. Then I have to restart freeradius to make changes visible
to freeradius.
Or, send it
On 9/2/05, Daniel Corbe [EMAIL PROTECTED] wrote:
when I go to start radiusd I get the following error:
radiusd.conf[1383] Failed to link to module 'rlm_exec':
dlopen(/usr/local/lib/rlm_exec-1.0.4.so, 9): Symbol not found:
_debug_flag Referenced from: /usr/local/lib/rlm_exec-1.0.4.so
Yes,
Compiled from source. FreeRADIUS 1.0.4
jomama:/usr/local/src root# /usr/local/sbin/radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file:
Hi,
I am currently running into an issue using FreeRadius with a client
doing EAP/peap and a LDAP backend, and hoping someone may be able to
help me. I am using FreeRadius 1.0.4, OpenSSL 0.9.7g, and SunOne
Directory 5.2 as the LDAP (With passwords stored in clear text.)
Thanks for your time,
30 matches
Mail list logo