I have a freeradius box (version 1.1.0) with the following (working) group
lookup.. On updating to 1.1.6 it appears the
%{Stripped-User-Name:-%{User-Name}} part is broken.. I see in cvs there is
an update to head, radiusd/src/main/xlat.c (1.115): make ':-' work again.. I
have not had luck
In part of my ldap config section, I obtain the gid with an ldap lookup,
then use my ${gid} variable in the groupmembership_filter. Up until
recently I had simply been using %{User-Name}, but now have the need to
use the check for Stripped-User-Name before using User-Name. That works in
comes from the nas, NAS-IP-Address is an IP.
On Tue, 27 Jul 2004, Alan DeKok wrote:
Mike Sturdee [EMAIL PROTECTED] wrote:
I am trying to use sql for the Simultaneous-Use check. I am seeing that
the NAS-IP-Address is being resolved in some places, and used as IP in
others. (I am thinking it should
I am trying to use sql for the Simultaneous-Use check. I am seeing that
the NAS-IP-Address is being resolved in some places, and used as IP in
others. (I am thinking it should stay IP regardless).
Here's how it goes:
-SQL query for UserName with AccountSessionTime of 0.
|--Rows returned
-Run
I just happen to have such a script.. it's based of something I found a
year or so back, and modified quite a bit. It does the job for me. Unless
you use USR/3com/name_of_the_week Total Control, you'll probably need to
do some modifications.
On Fri, 9 Jul 2004, Stephan von Krawczynski wrote:
how about setting up 2 ldap modules?
ldap people {
...
}
ldap students {
...
}
Not sure if this would do it, just a suggestion.
On Wed, 7 Jul 2004, Alexander M. Pravking wrote:
On Wed, Jul 07, 2004 at 09:00:00PM +0200, Arthur EBEL wrote:
Hi everybody,
My freeradius operate very
Is it possible to have mysql accounting log the query statement (yes i
know this part is possible) but NOT connect to the sql server? I need to
take the mysql box down for maint and was thinking this would be the best
possible way to not lose any records.
-Mike
-
List
I have radius set up to log accounting to a MySQL database. It currently
holds a couple years worth of logging from several thousand users, so it's
quite large.. Problem I'm having is if I do a select that will return a
couple hundred entries, or anything other than the simplest of queries,
I am doing:
# match number ending in 123
DEFAULT Called-Station-Id =~ ^.*123$
Realm = realm1
# otherwise make it realm2
DEFAULT
Realm = realm2
And _ALL_ are being assigned realm1
-Mike
On Tue, 27 Jan 2004, Alan DeKok wrote:
Mike Sturdee [EMAIL PROTECTED] wrote:
I am trying
Alan,
It works as I want it.
Thanks!
-Mike
On Wed, 28 Jan 2004, Alan DeKok wrote:
Mike Sturdee [EMAIL PROTECTED] wrote:
I am doing:
# match number ending in 123
DEFAULT Called-Station-Id =~ ^.*123$
You don't need the ^.* piece.
Realm = realm1
# otherwise make
I am trying to set the Realm attribute based on the Called-Station-Id.
Doesn't look to work in users (not done soon enough). Does the hints file
support regex comparisons? I am needing the realm set before radiusd
reaches the authentication / authorization modules.
thanks
-Mike
-
List
users that dial into a number ending in 195 get the correct Auth-Type
Autz-Type, as do other calls that need to auth off of LDAP1. Problem is,
when I have the LDAP2 instances in authorize {} authenticate {}, users
authing off of LDAP1 do not get the correct group attributes per the group
lookup
12 matches
Mail list logo
