Hi,
it's now running on our most busy server. Both -X and
background-multithreaded do their usual job. I do not see any problems
so far.
That said, I was at that point with 2.1.11 as well, and it caught fire
after 48+ hours only. So, there might still be surprises. I'll keep it
running
Dear,
Its my requirement to run more than one radius on a single machine
can anybody help me how to achieve this
I am using
CentOS 5.5 64bit, Oracle 10.2.0 , Freeradius 2.1.10
--
View this message in context:
Been running a week now, and the prerelease still looks good here as
well.
Bjørn
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Mon, Sep 5, 2011 at 3:44 PM, waq waqqay...@gmail.com wrote:
Dear,
Its my requirement to run more than one radius on a single machine
Why?
Using virtual servers is usually easier. They can listen to different
IP/port, and have different configuration. See
sites-available/inner-tunnel for
On 05/09/11 10:06, Fajar A. Nugraha wrote:
On Mon, Sep 5, 2011 at 3:44 PM, waqwaqqay...@gmail.com wrote:
Dear,
Its my requirement to run more than one radius on a single machine
Why?
Using virtual servers is usually easier. They can listen to different
IP/port, and have different
Hi,
munin has been added to the radiusd group which is defined in the
control virtual server - and this used to work all okay
with 2.1.10 and 2.1.11 - so the change in code for root GID seems to have
borked the access to radiusd.sock for other groups.
I've committed a fix to the
I'd recommend you start poking at this to see why ntlm_auth is failing. Are
you having Samba problems, is your machine part of whatever domain it's trying
to authenticate against?
I noticed there's no Domain in the User-Name field, whereas when I'm looking at
Domain authentications, I usually
On 5 Sep 2011, at 14:42, Alan Buxey wrote:
Hi,
munin has been added to the radiusd group which is defined in the
control virtual server - and this used to work all okay
with 2.1.10 and 2.1.11 - so the change in code for root GID seems to have
borked the access to radiusd.sock for other
Hi,
hmm, latest GIT version checked out and compiled...still seems to
do the same:
Checked the freeradius.org repo and the github repo and there's been no
relevant commits...
*poke* Alan D, git push...
:-) must've gone to a private repo! :-)
PS thanks to this thread I've tweaked
On 5 Sep 2011, at 15:06, Alan Buxey wrote:
Hi,
hmm, latest GIT version checked out and compiled...still seems to
do the same:
Checked the freeradius.org repo and the github repo and there's been no
relevant commits...
*poke* Alan D, git push...
:-) must've gone to a private
Hi,
:-) must've gone to a private repo! :-)
... and now a public repo, if you'd care to pull and try again.
hmm, command.c and auth.c appears to have been updated but
still see no joy with 'radmin' as munin user (who is in radiusd group)
Mon Sep 5 15:55:04 2011 : Error: Unauthorized
hi,
probably want to change this line in radmin.c too
printf(Copyright (C) 2008 The FreeRADIUS server project and
contributors.\n);
maybe change that string to a global that can be pulled in from
an include? - this could then be used in other places where old
copyright
Alan Buxey wrote:
maybe change that string to a global that can be pulled in from
an include? - this could then be used in other places where old
copyright statements lurk
Maybe. It's not a high priority.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Alan Buxey wrote:
hmm, command.c and auth.c appears to have been updated but
still see no joy with 'radmin' as munin user (who is in radiusd group)
Mon Sep 5 15:55:04 2011 : Error: Unauthorized connection to
/var/run/radiusd/radiusd.sock from gid 101
My guess is that the get peer id
Hi,
My guess is that the get peer id function is returning only *one*
group. Munin is first part of the munin group, but secondly part of
the radmin group. So... the sockets asks which group is connecting,
and gets told munin.
I'm not sure there's a clean solution to that.
hmm, it
FWIW, found this in ./freeradius-server-2.1.12/src/main/auth.c
502c502
#ifdef WITH_POXT_PROXY_AUTHORIZE
---
#ifdef WITH_POST_PROXY_AUTHORIZE
On Aug 29, 2011, at 7:13 AM, Alan DeKok wrote:
I've put some pre releases of 2.1.12 on the web site:
http://git.freeradius.org/pre/
Please
Jim Madden wrote:
FWIW, found this in ./freeradius-server-2.1.12/src/main/auth.c
Whoops. Fixed that, thanks.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan Buxey wrote:
hmm, it used to work - i guess the fix to fix the brokeness also broke
this setup.
I think the change is related to checking the peer ID on the new
connection, rather than the old one. See commit
f0e7064e58f712853c429dcb27e53861f1a9cde1
Alan DeKok.
-
List
Hello Guys,
I need the following in a wireless environment, using 802.1X authentication
based on LDAP, need to do dynamic VLAN assignment.
Need to consult an LDAP attribute, and from this attribute to determine
which VLAN to send to my wireless controler.
I need something like this:
...
if (
Alan DeKok al...@deployingradius.com writes:
Alan Buxey wrote:
hmm, command.c and auth.c appears to have been updated but
still see no joy with 'radmin' as munin user (who is in radiusd group)
Mon Sep 5 15:55:04 2011 : Error: Unauthorized connection to
/var/run/radiusd/radiusd.sock from
This is an issue for us as well. It seems in our case, the NAS retransmits the
start packet 60 seconds later and this has an impact on the acctuniqueid as
shown in the example below:
Tue Aug 30 13:32:49 2011
Event-Timestamp = Aug 30 2011 13:32:48 EDT
User-Name = u...@example.com
On 06/09/2011 00:36, Rob Turner wrote:
Default in modules/acct_unique:
acct_unique {
key = User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address,
NAS-Port
}
The man page for rlm_acct_unique shows:
acct_unique {
key = User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Port
}
Anyone know
Hi,
The expiration module works but it is not returning the error message.
Everytime I include the Expiration attribute and set date accordingly. The user
is denied login. The reason is because the account expired and NOT because
there is no known good password found as shown below. How to
On 6 Sep 2011, at 06:04, James J J Hooper wrote:
On 06/09/2011 00:36, Rob Turner wrote:
Default in modules/acct_unique:
acct_unique {
key = User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address,
NAS-Port
}
The man page for rlm_acct_unique shows:
acct_unique {
key =
On Tue, Sep 6, 2011 at 11:41 AM, Det Det det.explo...@yahoo.com wrote:
Hi,
The expiration module works but it is not returning the error message.
Everytime I include the Expiration attribute and set date accordingly. The
user is denied login. The reason is because the account expired and NOT
25 matches
Mail list logo
