Re: Redundant Freeradius

2010-10-27 Thread Rhommel Lamas
1.- What happens when I have my clients on the MySQL Database and it appears duplicated? 2.- When I make a radiusd -X and one of my MySQL is down it can't start keeps giving me errors but if I start both it starts ok On Oct 26, 2010, at 8:27 PM, Alan DeKok wrote: Rhommel Lamas wrote:

Re : SQL and Proxy acct in a virtual server

2010-10-27 Thread Frank Bollet
Alan DeKok wrote: Frank Bollet wrote: How could I define a specific accounting for a given realm ? You don't. So, the best practice here is to put specific accounting in sites-available/default ? For example: ### File: sites-available/default [...] accounting { if (Realm == foo) {

Experimental DHCP Server

2010-10-27 Thread Stephan Jennewein
Hi, is it possible to assign IPs with the experimental DHCP server to user accounts instead of to hardcoded MAC addresses? I have a setup where only the username and belonging IP is known and you get the MAC of the client during the authentication process so you could use this for the built-in

Re: Experimental DHCP Server

2010-10-27 Thread Phil Mayers
On 10/27/2010 10:34 AM, Stephan Jennewein wrote: Hi, is it possible to assign IPs with the experimental DHCP server to user accounts instead of to hardcoded MAC addresses? I have a setup where only the username and belonging IP is known and you get the MAC of the client during the authentication

Re: Redundant Freeradius

2010-10-27 Thread Phil Mayers
On 10/27/2010 09:47 AM, Rhommel Lamas wrote: 1.- What happens when I have my clients on the MySQL Database and it appears duplicated? You KNOW what happens; it doesn't work. Don't have duplicate clients. 2.- When I make a radiusd -X and one of my MySQL is down it can't start keeps giving

Re: Re : SQL and Proxy acct in a virtual server

2010-10-27 Thread Josip Rodin
On Wed, Oct 27, 2010 at 10:06:30AM +0100, Frank Bollet wrote: Is there a way to separate the configuration for each partner, or should I just put everything in sites-available/default because it's how it's supposed to work? Hmm, isn't it possible to use $INCLUDE in there, too, so the

Re: Redundant Freeradius

2010-10-27 Thread Rhommel Lamas
Just resolved the clients: it only checks for clients on the local database. Working out the problem at start with one of the databases, but the RADIUS works perfectly if one of the databases fails after it starts On Oct 27, 2010, at 11:42 AM, Phil Mayers wrote: On 10/27/2010 09:47 AM, Rhommel

Re: Re : SQL and Proxy acct in a virtual server

2010-10-27 Thread Alan DeKok
Frank Bollet wrote: So, the best practice here is to put specific accounting in sites-available/default ? Isn't that what I already said? I obviously misunderstood the virtual server purpose. I'm basically just trying to separate each realm (actually *partners*, who can have multiple

Re: Redundant Freeradius

2010-10-27 Thread Rhommel Lamas
Is there any chance that freeradius start without both databases online? On Oct 27, 2010, at 11:42 AM, Phil Mayers wrote: On 10/27/2010 09:47 AM, Rhommel Lamas wrote: 1.- What happens when I have my clients on the MySQL Database and it appears duplicated? You KNOW what happens; it doesn't

Re: Redundant Freeradius

2010-10-27 Thread Alan DeKok
Rhommel Lamas wrote: Is there any chance that freeradius start without both databases online? Why? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Redundant Freeradius

2010-10-27 Thread Rhommel Lamas
Because it doesn't start. I think it should at least start, right? On Oct 27, 2010, at 2:01 PM, Alan DeKok wrote: Rhommel Lamas wrote: Is there any chance that freeradius start without both databases online? Why? Alan DeKok.

Re: Redundant Freeradius

2010-10-27 Thread Alan DeKok
Rhommel Lamas wrote: Because it doesn't start. I think it should at least start, right? And do... what? What exactly do you plan on doing with a RADIUS server that can't write accounting to SQL, or read authentication from SQL? Alan DeKok.

Re: EAP-TTLS with PAP inner tunnel for Cisco 1100 series AP

2010-10-27 Thread Alan DeKok
James Smallacombe wrote: However, I need to get this working with a newer, more complex setup that's using Pam, Ldap, ippools, groups, etc. I just installed 2.1.10 with OpenSSL support (had to run ldconfig afterwards, though). It's able to authenticate Pam and LDAP for apache and PPTP users

Re: Redundant Freeradius

2010-10-27 Thread Rhommel Lamas
For example I have 2 Databases server, and 1 radius server, I need to configure it for failover. I already configured both SQL instances, and both sqlippool instances. When I start radius I see two scenarios: 1.- If both Databases are up and running Radius Works. 2.- If one of my MySQL is down

Re: Redundant Freeradius

2010-10-27 Thread Alan DeKok
Rhommel Lamas wrote: For example I have 2 Databases server, and 1 radius server, I need to configure it for failover. I already configured both SQL instances, and both sqlippool instances. OK. When I start radius I see two scenarios: 1.- If both Databases are up and running Radius

Re: Redundant Freeradius

2010-10-27 Thread Rhommel Lamas
OK, I was getting crazy around here, thought it was something about my configuration :) Good to know that SQL instances should have a variable that you can set up in case you are using a failover and it adjusts some parameters like 1.- readclients: Actually I had to set the variable readclients to

Re : Re : SQL and Proxy acct in a virtual server

2010-10-27 Thread Frank Bollet
Alan DeKok wrote: Yes, you can. But you then need to proxy (i.e. route) the packets to the correct destination virtual server. You weren't doing that. And how could I do that ?

RE: Wireless WPA2 enterprise Radius authentication

2010-10-27 Thread Maurice James
Hi Phil. Thanks for responding. I've attached the debug out. If anyone else wants to jump in feel free. -Original Message- From: freeradius-users-bounces+midnightsteel=msn@lists.freeradius.org [mailto:freeradius-users-bounces+midnightsteel=msn@lists.freeradius.org] On

Re: Wireless WPA2 enterprise Radius authentication

2010-10-27 Thread Sven Hartge
Maurice James midnightst...@msn.com wrote: [ldap] looking for check items in directory... [ldap] userpassword - User-Password == {SSHA}5wzxRoUPX/rLkS9hY1HztczPN8u5m/dGDzKvdg== This will not work. You need a cleartext password. This SSHA-Hash is only good for PAP, any challenge response

RE: a lot of memory inuse

2010-10-27 Thread Strong, Mark
Strong, Mark wrote: http://github.com/alandekok/freeradius-server/blob/v2.1.x/doc/ChangeLog Yeah, gave that a look didn't see anything definite (as far as memory leaks go). Look for the work leak Alan DeKok. Version 2.1.10 fixes my memory leak problem. Mark.

RE: Wireless WPA2 enterprise Radius authentication

2010-10-27 Thread Maurice James
How do I do it? Radius to ldap works no problem Wireless to radius to ldap does not -Original Message- From: freeradius-users-bounces+midnightsteel=msn@lists.freeradius.org [mailto:freeradius-users-bounces+midnightsteel=msn@lists.freeradius.org] On Behalf Of Sven

Re: Wireless WPA2 enterprise Radius authentication

2010-10-27 Thread John Dennis
On 10/27/2010 06:18 PM, Maurice James wrote: How do I do it? You were kindly given the answer previously by Maurice. But just to reinforce please review the compatibility information here: http://deployingradius.com/documents/protocols/compatibility.html The client is sending mschap, look

Re: Wireless WPA2 enterprise Radius authentication

2010-10-27 Thread Sven Hartge
Maurice James midnightst...@msn.com wrote: How do I do it? You need a password in the clear in your LDAP directory, not hashed. I use a different (self defined) attribute in my LDAP directory to do this and use ldap.attrmap to map this attribute (called gifb-NetzPassword in my schema) to the

Re: Wireless WPA2 enterprise Radius authentication

2010-10-27 Thread John Dennis
On 10/27/2010 07:11 PM, Sven Hartge wrote: You need a password in the clear in your LDAP directory, not hashed. I use a different (self defined) attribute in my LDAP directory to do this and use ldap.attrmap to map this attribute (called gifb-NetzPassword in my schema) to the required

RE: Wireless WPA2 enterprise Radius authentication

2010-10-27 Thread Maurice James
I will give it another try. I've been trying for the last hour to get the clear text password policy to stick to a user. Every time I run the radius debug I see hashed value passed from LDAP. I have to search online for the instructions on how to get 389-ds server to use clear text. Thanks for all

Re: Wireless WPA2 enterprise Radius authentication

2010-10-27 Thread Sven Hartge
John Dennis jden...@redhat.com wrote: On 10/27/2010 07:11 PM, Sven Hartge wrote: You need a password in the clear in your LDAP directory, not hashed. I use a different (self defined) attribute in my LDAP directory to do this and use ldap.attrmap to map this attribute (called gifb-NetzPassword

Re: Wireless WPA2 enterprise Radius authentication

2010-10-27 Thread Sven Hartge
Sven Hartge s...@svenhartge.de wrote: slapcat (and a simple base64 decoder) is your friend. If you are using OpenLDAP or one of its derivative implementations, of course. Regards, S° -- Sig lost. Core dumped.

Re: Wireless WPA2 enterprise Radius authentication

2010-10-27 Thread John Dennis
On 10/27/2010 07:56 PM, Maurice James wrote: I will give it another try. I've been trying for the last hour to get the clear text password policy to stick to a user. Every time I run the radius debug I see hashed value passed from LDAP. I have to search online for the instructions on how to get

Info: Exiting normally.

2010-10-27 Thread Aldo Zavala
Hi, I compiled the FreeRADIUS according to http://git.freeradius.org procedure. It has been working for production like a charm for about 19 days, and today suddenly stopped working, there are no debug messages that I could see, processes were still alive but as I said it stopped processing/accepting

RE: Wireless WPA2 enterprise Radius authentication

2010-10-27 Thread Maurice James
OK gentlemen. I finally found the option for password storage (by the way the search function on the documentation website SUCKS!! Lol) So far that was the only change that I made According to Sven, my problem was here ( [ldap] userpassword - User-Password ==