-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey,
Eshun Benjamin schrieb:
The link below will help
http://docs.info.apple.com/article.html?artnum=303471
thanks a lot!
ca
mIke
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Darwin)
Comment: Using GnuPG with Mozilla -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hey,
freeRADIUS works quite good and it's possible to authenticate via PAM,
for example local logins, ssh-logins, su, chsh, gdm, ... are working
quite fine.
The only thing is the htaccess from apache2 which will not work. The
Radius gets the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hey,
we start the radiusd in debugging mode and with the following line in
rc.local we now just get the loggin attempts into the radius.log:
tail -f /var/log/radius/radius_complete.log | grep --line-buffered \:\
Login /var/log/radius/radius.log
hey,
Vista now working with freeRADIUS?
any debugging information needed?
ca mIke
Alan DeKok schrieb:
Pedro Ribeiro [EMAIL PROTECTED] wrote:
The Radiator people are talking about problems with SSL empty
fragments handing in Windows Vista ...
I've tried to compile FreeRADIUS with
Alan DeKok schrieb:
Michael Messner wrote:
Vista now working with freeRADIUS?
No idea.
any debugging information needed?
Yes, someone to test it would be nice. I don't have Vista, so I can't
test it.
I think you have not seen the mail from [EMAIL PROTECTED] with
subject:
Re[4
Dev Anand schrieb:
Hi All ,
Is it possible to quarantine a system by placing it in different vlan
by OpenRadius ?
If so can somebody guide me on the steps that can be tried .
The situation is like this :
System already having an IP address , but found to be infected with a
virus-worm.
On Mon, Nov 20, 2006 at 02:56:00PM +0100, Michael Messner said:
hey @all,
the next try to get freeradius with ldap support on a solaris 10:
I've installed openldap from http://sunfreeware.com/indexintel10.html, so
I find the ldap libraries:
/usr/local/lib/libldap-2.3.so.0
/usr/local/lib
hey freeradius users,
Michael Messner sagte:
... the original spec file wont work on centOS ...
it breaks with errors of overwriting a README file which was created
allready:
...
doc/supervise-radiusd.txt doc/tuning_guide doc/variables.txt LICENSE
COPYRIGHT CREDITS README
/var/tmp/freeradius
thanks for the information, I work on nearly the same and I've created a
link collection of most of the infos I've researched:
http://community.fh-salzburg.ac.at/forum/index.php?showtopic=27
also I've a complete documetation writen via a wiki but for now I can't
open it for everybody ...
hey @all,
for testing we write the complete debugging messages to syslog into a
special file but with this method the loggin to the normal radius.log
file won't work anymore!
We start radiusd with daemontools and with these parameters:
loggeropt=logger -p local6.info -t radiusd -s
ARGS=-Afxyz
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan DeKok schrieb:
Michael Messner [EMAIL PROTECTED] wrote:
for testing we write the complete debugging messages to syslog into a
special file but with this method the loggin to the normal radius.log
file won't work anymore!
Because it's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thor Spruyt schrieb:
tail -F radius.log | logger
radius.log is empty!
ca mIke
- Original Message - From: Michael Messner
[EMAIL PROTECTED]
To: freeradius-users@lists.freeradius.org
Sent: Thursday, November 16, 2006 3:10 PM
Subject
hey freeRADIUS users,
I've found out that there goes something completely wrong, there is
allways the ldap request!
also if the user is defined in the users file like:
bob Password == bob
Reply-Message = Hello, bob
then I try to:
11:03:49 Xradius /etc/raddb [root]radtest bob bob
Patric sagte:
Michael Messner wrote:
jep from source it compiles,
16:05:16 Xradius ~/rpmbuild/SPECS [root]rpmbuild -ba freeradius.spec
ca mIke
Sorry man, in that case Im not sure what the problem is...
You might get more help from the guys on GLUG Tech if you post
ok, now the normal authentication process works again!
normally our config from the ldap request looks like the following:
radiusd.conf:
basedn = CN=Users,DC=isalab,DC=local
filter = sAMAccountName=%{Stripped-User-Name:-%{User-Name})
groupname_attribute = cn
groupmembership_filter =
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hey alan,
Alan DeKok schrieb:
Michael Messner [EMAIL PROTECTED] wrote:
I've found out that there goes something completely wrong, there is
allways the ldap request!
Because you configured it to do that? See doc/configurable_failover
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hey,
Ramm-Ericson, Johannes schrieb:
configure: WARNING: silently not building rlm_counter.
configure: WARNING: FAILURE: rlm_counter requires: libgdbm.
configure: WARNING: silently not building rlm_ippool.
configure: WARNING: FAILURE:
hey @all,
trying to build freeradius-1.1.3 rpms for centOS with the description
from http://wiki.freeradius.org/Build#Building_RedHat_packages
ends with the following error:
Executing(%doc): /bin/sh -e /var/tmp/rpm-tmp.73012
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd freeradius-1.1.3
+
Patric sagte:
Michael Messner wrote:
hey @all,
cp: will not overwrite just-created
`/var/tmp/freeradius-root/usr/share/doc/freeradius-1.1.3/README' with
`README'
error: Bad exit status from /var/tmp/rpm-tmp.73012 (%doc)
RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.73012
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Patric schrieb:
Michael Messner wrote:
Patric sagte:
Have you tried compiling the source?
that works!
if I add the -i in the spec file there is no change ... same error!
thanks mIke
So it compiles from source? Ok, what is your rpmbuild
Patric sagte:
Michael Messner wrote:
Patric sagte:
Have you tried compiling the source?
that works!
if I add the -i in the spec file there is no change ... same error!
thanks mIke
So it compiles from source? Ok, what is your rpmbuild command?
jep from source it compiles,
16:05:16
hey freeRADIUS users,
the testlab looks like
Windows 2003 (AD) --- Freeradius --- Enterasys switch/Cisco WLAN ---
Linux/MS-Client
802.1x via PEAP works, so the next step is machine authentication to get
also a 802.1x Domain login.
like in this post
hey freeRADIUS users,
now it looks much better:
configure: WARNING: silently not building rlm_counter.
configure: WARNING: FAILURE: rlm_counter requires: libgdbm.
configure: WARNING: silently not building rlm_ippool.
configure: WARNING: FAILURE: rlm_ippool requires: libgdbm.
configure:
PROTECTED]
g
[mailto:[EMAIL PROTECTED]
adius.org] On Behalf Of Michael Messner
Sent: Monday, November 06, 2006 9:37 AM
To: freeradius-users@lists.freeradius.org
Subject: Windows-Domain login without local users
hey freeRADIUS users,
PEAP auth. works now with *X and MS-clients, the backend
hey freeRADIUS users,
I've installed Entire+OEM,
11:41:05 unknown ~/freeradius-1.1.3 [root]echo $PATH
11:41:09 unknown ~/freeradius-1.1.3 [root]echo $LD_LIBRARY_PATH
/lib:/usr/sfw/lib:/usr/local/lib:/usr/lib:/usr/share/lib:/usr/dt/lib
./configure --sysconfdir=/etc --mandir=/usr/share/man
hey freeRADIUS users,
PEAP auth. works now with *X and MS-clients, the backend is a freeradius
server on centOS with active directory connection.
Now, the user needs a local account to login to the clientmachine and then
he is able to start the PEAP authentication process.
A local login for
hey freeRADIUS users,
next step ... testing freeRADIUS on a Solaris 10 box and I'm completely
new to solaris! :-(
I've started with the configure again but there are so much things missing:
aclocal
autoconf
autoheader
locate
libgdbm
sys/security.h
sys/prctl.h
prot.h
sia.h
siad.h
krb5.h
gawk
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hey,
Michael Messner wrote:
Kevin Bonner wrote:
I don't believe it was added to the 1.1.X branch, so the CVS head and
nightly
snapshots are the only way to use the syslog logging method. Wait for 2.0
or
try one of the other suggestions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hey freeRADIUS users,
no ideas what can I do or where can I start with research?
ca mIke
Michael Messner wrote:
[EMAIL PROTECTED] ~]# radwho -r
ISALAB.local\\mmessner,ISALAB.local\\mmessner,shell,S31005,Thu
12:15,141.201.43.115,
mmessnerO
hey freeRADIUS users,
[EMAIL PROTECTED] ~]# radwho -r
ISALAB.local\\mmessner,ISALAB.local\\mmessner,shell,S31005,Thu
12:15,141.201.43.115,
mmessnerO,mmessnerO,shell,S310,Wed 11:33,141.201.43.118,
mmessnerO,mmessnerO,shell,S279,Tue 12:45,141.201.43.118,
mmessnerO,mmessnerO,shell,S453,Thu
hey kenneth,
Kenneth Grady wrote:
try ...
log_destination = syslog
log {
syslog_facility = daemon
}
not working :-(
mIke
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hey Kevin,
Kevin Bonner wrote:
On Thursday 05 October 2006 08:07, Michael Messner wrote:
hey kenneth,
Kenneth Grady wrote:
try ...
log_destination = syslog
log {
syslog_facility = daemon
}
not working :-(
mIke
I don't believe
hey freeRADIUS users,
I'm trying to syslog the radius-messages with freeradius 1.1.2!
Now I've added the line
log_destination = files
to the radiusd.conf, and I also tried to start the radius with the
parameter -lsyslog but nothing goes to syslog!
Any ideas?!?
thanks mIke
-
List
hey alan,
Alan DeKok wrote:
Michael Messner [EMAIL PROTECTED] wrote:
to the radiusd.conf, and I also tried to start the radius with the
parameter -lsyslog but nothing goes to syslog!
That doesn't really work in 1.1.x
any workarounds available?
thanks mIke
-
List info/subscribe
hello mailinglist,
in my last mail I got the information to use huntgroups to handle the
parameters for different NAS types, but after some research I have not
found good documentation of this!
Anyone knows some good recources?
Here are my new configs, it looks like they are working, but I'm
hey mailinglist,
I have a little prob. with the first login via the radiusserver, it looks
like this
MS-Active directory -- freeradius 1.1.2 -- cisco or enterasys switch
If I restart the radiusd the first try for a login needs about 20 seconds:
[EMAIL PROTECTED] ~]# time echo User-Name =
hey Peter,
Peter Nixon sagte:
Is FreeRADIUS connecting to AD with DNS or IP?
thanks for this hint ... it was the DNS problem, now it works very well!
mIke
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
thanks!
James Wakefield wrote:
Michael Messner wrote:
Here are my new configs, it looks like they are working, but I'm not sure
if this is really the correct way:
-- snip (see previous post) --
is this the correct way?
It looks pretty right to me. Can't see any better way to do
thanks for this hint ... now it's working!
ca mIke
Michael Schwartzkopff wrote:
Am Montag, 18. September 2006 10:59 schrieb Michael Messner:
hey list,
we have switches from enterasys and access points from cisco, now we have
configured the parameters like this example in the users file
hey,
Alan DeKok wrote:
Michael Messner [EMAIL PROTECTED] wrote:
DEFAULT LDAP-Group == CN=adminrole,CN=users,DC=isalab,DC=local,
Huntgroup-Name := cisco
You can't assign the huntgroup attribute. You have to use '=='.
but it works good and I thought that if the first entry don't pass so
hey list,
we have switches from enterasys and access points from cisco, now we have
configured the parameters like this example in the users file:
DEFAULT LDAP-Group == CN=xadmins,CN=users,DC=isalab,DC=local
Filter-ID == Enterasys:version=1:policy=xadmins,
Tunnel-Type:1 = 13,
hey Phil, hey list,
Phil Mayers sagte:
Michael Messner wrote:
Use the ldap module to query AD and add attributes to the reply
dynamically. For example:
DEFAULTLdap-Group == cn=students,dc=domain,dc=com
Filter-Id = Enterasys:version=1:mgmt=su:policy=userrole
...or similar
hey Phil, hey list
Phil Mayers wrote:
Michael Messner wrote:
If I define the users on the Radius with the help of the users file it
is no problem and it works perfectly, but how can I use the information
from the AD?
Use the ldap module to query AD and add attributes to the reply
hello,
we are testing the 802.1x authentication in a small test network.
(http://www.enterasys.com/products/whitepapers/secure-networks-wp.pdf)
The user management works via an active directory on a Windows 2003
server, a Freeradius on a Linux machine, and the switch is an Enterasys
44 matches
Mail list logo