Hi All,I have some doubts.. 1. How to configure the freeradius1.0.5 version, to support Active directory service for user authentication.
For ldap .. we have rlm_ldap module to configure it. Same kind of configuration is there for ADS also ??
2. Assigning vlan id's to user group is possible
Hi,
but what if I "only" have session data in SQL?
Running radzap manually for each user is not a good idea by 200 users. And I
haven't found any entries how deletestatlesssessions ( in sql.conf ) work :(
sorry - I probably missed something.
Any hints please :(
Regards,
Edvin
-Original M
"Seferovic Edvin" <[EMAIL PROTECTED]> wrote:
> But how to use radzap when only using SQL for session tracking...
In 1.0.5 and following, radzap is just a shell script wrapper around
radwho && radclient. You can use radclient to create a fake "stop"
packet, and send that to the server.
> Is it
But how to use radzap when only using SQL for session tracking... I've tried
it but it said it cannot find radutmp ( because Ive commented it in
radiusd.conf - I do not need it.. or do I ?? ).
Is it kind of OK to have session tracking in sql and radutmp?
How should I start radzap ( or is it run
"Seferovic Edvin" <[EMAIL PROTECTED]> wrote:
> Are there any workarounds for this scenario? I've found
> deletestatlesssessions in sql.conf file, but I have no idea how does this
> work ( it is set to "yes" but no use ). Since my NAS is POPTOP server, type
> is set to "other" and checkrad cannot ch
Stephen Walsh <[EMAIL PROTECTED]> wrote:
> I've tested it further and you are right, the search isn't recursively
> entering the tree. What in the search changed between 1.01 (which works)
> and 1.04 (which returns errors when trying to enter the OU's)?
I have no idea. I've looked, and can't se
"Nataniel Klug" <[EMAIL PROTECTED]> wrote:
> Now you have gived me a tip... At my Fedora there is no group shadow
$ vi /etc/group
add "shadow" ??
> so I put radius to run as group "root" so it could read /etc/shadow
> only if I set +r to group at shadow files.
It's usually better to *not*
Thanks !
That is all what i wonted to know.
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list"
Sent: Thursday, January 26, 2006 8:46 PM
Subject: Re: another mysql database
"debik" <[EMAIL PROTECTED]> wrote:
Is it possible to configure rad
You may read the doc wrong. The group you should look for is
"radiusd". When you create user "radiusd", the group "radiusd"
should also be created if you use adduser command to do the job.
You don't what user "radiusd" belong to group "root". Do
"chgrp radiusd /etc/shadow".
Min
> -Origin
Hi Romao,What are you using to view the packet? Many packet analysis and RADIUS check tools require their own dictionary (e.g. NTRadPing). If this is the case and you've not updated the dictionary for that tool, then that's exactly what I'd expect you to see.
Rgds,GuyOn 26/01/06, Romao Izumi Ito
Alan,
Now you have gived me a tip... At my Fedora there is no group shadow, so I
put radius to run as group "root" so it could read /etc/shadow only if I set
+r to group at shadow files.
Att,
Nataniel Klug
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: "FreeRadius user
Title: VSA Problem
Hello,
I'm working with Nortel Network Passport and I’m trying to configure a new dictionary on the freeradius.
In the vendors doc we have following VSA and Vendor-ID:
VENDOR nortel 562
ATTRIBUTE Passport-Command-Scope 200
"debik" <[EMAIL PROTECTED]> wrote:
> Is it possible to configure radius to connect to the two databases.
> If in one database user do not exist, so connect to another database and
> search for entry for that user.
Yes. See doc/configurable_failover.
> Sorry for my english if make some mistakes
On Thursday 26 January 2006 13:33, dark0s dark0s wrote:
> Can you tell me if exist a PCMCIA card that doesn't request wpa_supplicant;
> i.e. a card that authenticates directly, after the configuration of
> freeradius 1.0.5 and openssl?
This is off topic and has nothing to do with EAP-TLS or really
dark0s dark0s schrieb:
> 1) About ctrl_interface variable, /var/run/wpa_supplicant doesn't on Windows
> 2) Where do I have to insert the configuration file
> 3) If I must enable only WEP, what should be the configuration file
1. the name is correct
2. where you put the the wpa_supplicant.exe fi
Can you tell me if exist a PCMCIA card that doesn't request wpa_supplicant; i.e. a card that authenticates directly, after the configuration of freeradius 1.0.5 and openssl?
Yahoo! Messenger with Voice: chiama da PC a telefono a tariffe esclusive-
List info/subscribe/unsubscribe? See http://www.
Is it possible to configure radius to connect to
the two databases.
If in one database user do not exist, so connect to
another database and search for entry for that user.
Sorry for my english if make some
mistakes.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/use
1) About ctrl_interface variable, /var/run/wpa_supplicant doesn't on Windows 2) Where do I have to insert the configuration file 3) If I must enable only WEP, what should be the configuration file
Yahoo! Mail: gratis 1GB per i messaggi, antispam, antivirus, POP3-
List info/subscribe/unsubscrib
> I would like to build a new query to insert
> user's MAC address into radcheck table, as users log-out (accounting-stop
> packet).
Just append the query to the existing ones.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
"Torkel Mathisen" <[EMAIL PROTECTED]> wrote:
> I read about the radkill program in the FAQ. However the link doesn't
> work so I was wondering if anyone had a new link to that program?
google?
> Also I got a simple question about radwho. It doesnt seem to output the
> last part of the AP ip-add
"Nataniel Klug" <[EMAIL PROTECTED]> wrote:
> I just have installed the package from Fedora Core 3, nothing else.
Then look at the configuration file. See how it's different from
what is shipped with FreeRADIUS.
And setting "a+rw" on /etc/passwd and /etc/shadow is probaby the
single worst t
"masetio" <[EMAIL PROTECTED]> wrote:
> Thu Jan 26 10:02:58 2006 : Error: Assertion failed in request_list.c, line
> 1119
>
> but if running with debug mode doesn't have any error.
>
> plz i need sugest
For now, run the server with "radiusd -s", which means no threads.
That should help.
Ala
klkbranch <[EMAIL PROTECTED]> wrote:
> That is good to hear. In the mean time, is there any way to get any
> version of FreeRadius (0.9.3 or
> newer) to work with snmp? It sounds like folks have gotten this to work
> in the past.
Yes, because the older SNMP libraries worked. The newer ones
I've been following the instructions in ldap_howto.txt, and I created
the schema.ldif file exactly as outlined in the doc. But when I run the
ldapadd command it gives the following error:
[EMAIL PROTECTED] ldapadd -f schema.ldif -x -D
"cn=root,dc=mydomain,dc=com" -w secret
adding new entry "dc=my
On non i386 32bit architecture (both sun and intel 64) i've had some
problems compiling rlm_perl with the distributed libtool, yet had problems
compiling the rest using --with-system-libtool!
Unfortunately I didnt collect enough information to submit a bug report,
but errors varied from what was l
Please find here below a correction
of the previous post in “understandable English” format
;-)
Hi all,
I have installed freeRADIUS with mySQL backend.
Into sql.conf there are defined several queries, on
of these is the following:
postauth_query =
"INSERT into ${postauth_tabl
hello, type is possible to insert one new query in
the rows sql.conf this:
postauth_query = "INSERT into ${postauth_table}
(id, user, pass, reply, date) values ('', '%{User-Name}',
'%{User-Password:-Chap-Password}', '%{reply:Packet-Type}', NOW())"
modified in this way with name post
This is what I have, I use Freeradius for proxy auth/acct to home servers.
Lets assume I will be more then 20-40 different realms.
Before the answer goes back to the Nas I need to add some attributes and now
looking for the best way of doing this. In the past with Cistron or today
with the sw
Hello,
I've been trying to configure openldap for use with radius. I'm running
a RedHat ES 4 server with the following rpm's installed:
openldap-2.2.13-3
freeradius-1.0.1-3.RHEL4
I've been following the instructions in ldap_howto.txt, and I created
the schema.ldif file exactly as outlined in th
with:
"user3" Auth-Type := Reject, Framed-Protocol == PPP
seems to work :-)
André Lemos wrote:
Hi there
How can I NOT authorize a user to use mschap?
"user3" Framed-Protocol == PPP, Auth-Type := Reject
doesn't seem to work
Thanks
--
_
Hi there
How can I NOT authorize a user to use mschap?
"user3" Framed-Protocol == PPP, Auth-Type := Reject
doesn't seem to work
Thanks
--
_
André Ventura Lemos
Software Engineer
Critical
Software, S
Hi,
I read about the radkill program in the FAQ. However the link doesn't
work so I was wondering if anyone had a new link to that program?
I'd like to kill users that are logged in twice or something. Like in
the output below.
If it works on 1.0.5 at all.
Also I got a simple question about rad
Hi all,
am investigating the possibility of appending to a radreply
attribute.
This will come
from ISP
Cisco-Avpair
+= “ip route 10.0.1.0 255.255.255.0”
From our radius as
per Realm
Cisco-AVpair
+= "ip:vrf-id=client1”
Cisco-AVpair
+= "i
Well you could try my deb packages at
http://apt-repo.ttec.com
Dont know if that will help.
Also check
delete_blocked_requests = no
is set in radiusd.conf
masetio wrote:
I used freeradius-snapshot-20060119 in Debian Sarge
implemen sqlcounter module
if running with daemon Freeradius cra
Alan,
I just have installed the package from Fedora Core 3, nothing else.
Att,
Nataniel Klug
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list"
Sent: Wednesday, January 25, 2006 8:58 PM
Subject: Re: Problems System Auth with FreeRadius (/et
Mark,
I tryed using just read option, did not work. I had to set rw permission in
both files... But now it is working and I am very happy... hehehe... Thanks.
Att,
Nataniel Klug
- Original Message -
From: "Mark Tunnell" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list"
Sent: Wed
Hi
Thanks. I was looking on the freeradius server, but ofcourse the problem was on
the AP. :)
Regards,
Torkel
-Opprinnelig melding-
Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne av Alan DeKok
Sendt: 24. januar 2006 18:29
Til: FreeRadius users mailing list
Emne: Re: How to lo
Hello,
I've been trying to configure openldap for use with radius. I'm running
a RedHat ES 4 server with the following rpm's installed:
openldap-2.2.13-3
freeradius-1.0.1-3.RHEL4
I've been following the instructions in ldap_howto.txt, and I created
the schema.ldif file exactly as outlined in the
38 matches
Mail list logo