to find out:
a) If it supports the Idle-Timeout attribute at all (If so it might have a
bug - contact the NAS manufacturer).
or
b) If it supports a different method to do the same thing.
Regards,
James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
If you update from FreeRadius 2.1.9x to 2.1.10x your server might fail to
start if the sample virtual server in the proxy.conf file is uncommented. I
learned that the hard way
Description: MCITP(rgb)_1084_1085
Description: https://exams.giac.org/images/logos/giac_silver_small.gif GIAC
Where is the log?
-Original Message-
From: freeradius-users-bounces+midnightsteel=msn@lists.freeradius.org
[mailto:freeradius-users-bounces+midnightsteel=msn@lists.freeradius.org] On
Behalf Of Rafal Kaminski
Sent: Monday, November 01, 2010 10:57 AM
To:
I posted a working config for your exact problem last week. Take Johns advice.
Thanks
-Original Message-
From: freeradius-users-bounces+midnightsteel=msn@lists.freeradius.org
[mailto:freeradius-users-bounces+midnightsteel=msn@lists.freeradius.org] On
Behalf Of Rafal
@lists.freeradius.org]
On Behalf Of John Dennis
Sent: Wednesday, October 27, 2010 8:54 PM
To: FreeRadius users mailing list
Subject: Re: Wireless WPA2 enterprise Radius authentication
On 10/27/2010 07:56 PM, Maurice James wrote:
I will give it another try. I've been trying to the last hour to get
the clear text
-users@lists.freeradius.org
Subject: Re: Wireless WPA2 enterprise Radius authentication
Phil Mayers p.may...@imperial.ac.uk wrote:
On 28/10/10 11:48, Maurice James wrote:
OK here are the logs from the latest test. As you will see the
password is stored in cleartext, but still no dice
The ldap
[mailto:freeradius-users-bounces+midnightsteel=msn@lists.freeradius.org]
On Behalf Of John Dennis
Sent: Wednesday, October 27, 2010 8:54 PM
To: FreeRadius users mailing list
Subject: Re: Wireless WPA2 enterprise Radius authentication
On 10/27/2010 07:56 PM, Maurice James wrote:
I will give it another try. I've
+midnightsteel=msn@lists.freeradius.org
[mailto:freeradius-users-bounces+midnightsteel=msn@lists.freeradius.org]
On Behalf Of Maurice James
Sent: Thursday, October 28, 2010 4:37 PM
To: 'FreeRadius users mailing list'
Subject: RE: Wireless WPA2 enterprise Radius authentication
OK gentlemen
Hi Phil. Thanks for responding. I've attached the debug out. If anyone else
wants to jump in feel free.
-Original Message-
From: freeradius-users-bounces+midnightsteel=msn@lists.freeradius.org
[mailto:freeradius-users-bounces+midnightsteel=msn@lists.freeradius.org]
On
Hartge
Sent: Wednesday, October 27, 2010 3:47 PM
To: freeradius-users@lists.freeradius.org
Subject: Re: Wireless WPA2 enterprise Radius authentication
Maurice James midnightst...@msn.com wrote:
[ldap] looking for check items in directory...
[ldap] userpassword - User-Password ==
{SSHA
I will give it another try. I've been trying to the last hour to get the
clear text password policy to stick to a user. Every time I run the radius
debug I see hashed value passed from LDAP. I have to search online for the
instructions on how to get 389-ds server to use clear text. Thanks for all
=msn@lists.freeradius.org]
On Behalf Of John Dennis
Sent: Wednesday, October 27, 2010 8:54 PM
To: FreeRadius users mailing list
Subject: Re: Wireless WPA2 enterprise Radius authentication
On 10/27/2010 07:56 PM, Maurice James wrote:
I will give it another try. I've been trying to the last hour
I'm running freeradius 2.1.9-1. I will run the debug test when I get home
later
The funny thing is, it could be just 1 small setting that I missed. This is
a pain.
I have a Windows Vista/7 clients connecting to a cisco e3000 wireless router
(WPA2 Enterprise) authenticating to freeradius 2.1.9-1
] returns updated
Delaying reject of request 6 for 5 seconds
Going to the next request
-
Clues gratefully accepted!
James Smallacombe PlantageNet, Inc. CEO and Janitor
u...@3.am http://3.am
;
home-zombie_period_start.tv_sec = home-last_packet;
home-zombie_period_start.tv_sec = USEC / 2;
{Apologies if I'm totally going in the wrong direction}
Regards,
James
--
James J J Hooper
Network Specialist
Information Services
University of Bristol
http://www.wireless.bristol.ac.uk
This isn't a comment on FreeRadius, but in our recent experiences with 802.1x
and Windows XP clients it was a total waste of time. The built-in XP dot1x
client is not up to the job. We had contractors in trying to make it work and
everything was perfect on the network setup. In the end, Windows
!= PW_AUTHENTICATION_ACK) {
RDEBUG2(SoH was rejected);
-James
--
James J J Hooper
Network Specialist
Information Services
University of Bristol
http://www.wireless.bristol.ac.uk http://www.jamesjj.net
--
-
List info/subscribe/unsubscribe? See http
]
... Therefore patch attached {confd-by= format only a suggestion}.
-James
--
James J J Hooper
Network Specialist
Information Services
University of Bristol
http://www.wireless.bristol.ac.uk http://www.jamesjj.net
--
--- soh.c-orig 2010-10-11 20:54:28.0 +
+++ soh.c-new1 2010-10-11 21
On 11/10/2010 22:14, James J J Hooper wrote:
On 11/10/2010 12:37, Phil Mayers wrote:
On 09/10/10 15:01, Garber, Neal wrote:
Thanks to a lot of work by Phil Mayers, the server now has support for
Microsoft SoH in PEAP, normal RADIUS (MS VPN gateway), and in DHCP.
Wow! That *must* have been
to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 1
Sending Access-Reject of id 176 to 127.0.0.1 port 43090
Waking up in 4.9 seconds.
Cleaning up request 1 ID 176 with timestamp +69
Ready to process requests.
James S. Smith
Network Architect
WIND Mobile
207 Queen's Quay
/local/dnsnode/src/radiusd/freeradius-server-2.1.10/src'
gmake[1]: *** [src] Error 2
gmake[1]: Leaving directory
`/usr/local/dnsnode/src/radiusd/freeradius-server-2.1.10'
make: *** [all] Error 2
-James
--On Tuesday, September 28, 2010 15:34:00 +0200 Alan DeKok
al...@deployingradius.com wrote
--On Tuesday, September 28, 2010 16:19:46 +0100 James J J Hooper
jjj.hoo...@bristol.ac.uk wrote:
Hi Alan,
I'm getting a make error. I tried ./configure --without-radsniff but
still the same... Is there a switch to disable building radsniff or do I
have to get the PCAP libraries
--On Tuesday, September 28, 2010 17:48:39 +0200 Alan DeKok
al...@deployingradius.com wrote:
James J J Hooper wrote:
Hi Alan,
I'm getting a make error. I tried ./configure --without-radsniff but
still the same... Is there a switch to disable building radsniff or do I
have to get the PCAP
certificate on the two servers.
-James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
,
James
--
James J J Hooper
Network Specialist
Information Services
University of Bristol
http://www.wireless.bristol.ac.uk
--
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--On 14 September 2010 08:15 +0100 James J J Hooper
jjj.hoo...@bristol.ac.uk wrote:
--On 14 September 2010 17:01 +1000 Strong, Mark mstr...@tnsi.com
wrote:
Hi Guys,
I have free radius 2.1.6, and it has quite a chunk of memory inuse at
the moment, are there any known issues
}
}
reject = return
}
}
...
}
-James
--
James J J Hooper
University of Bristol
http://www.wireless.bristol.ac.uk
--
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
, you need to click the Advanced-settings
button, change to the EAP page, select 'Use manual user name' and enter
whatever you want in the box.
(
http://www.wireless.bris.ac.uk/getconnected/services/eduroam/go-anything/#anomalies
)
Regards,
James
--
James J J Hooper
Network Specialist
Jul 14 10:51:16 2010 : Debug: Exec-Program: returned: 1
^^ is that not the problem?
-James
--On Wednesday, July 14, 2010 11:22:43 -0400 freerad...@corwyn.net wrote:
We're in the process of upgrading from Windows 2003 to 2008 R2. Our Linux
systems are CentOS 5.5. Looks like samba won't auth
Does anyone know if there is a built in mechanism of retaining some
sort of state information between auth and acct packets without using
external means?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
http://www.google.co.uk/search?q=freeradius+commercial+supportbtnI=1
??
On 16/06/2010 23:03, Jackal Admin wrote:
Even if you aren't able to provide support, I'd be interested in any
suggestions for where to get support from.
Jackal Admin wrote:
We have a a hotspot authentication system
On 06/13/10 03:11, Alan DeKok wrote:
James wrote:
Is somebody already working on making .rst files because there are
already some?
Peter Nixon did a few in the master branch. I don't think any more
changes have been made since then.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
On 06/13/10 03:11, Alan DeKok wrote:
James wrote:
Is somebody already working on making .rst files because there are
already some?
Peter Nixon did a few in the master branch. I don't think any more
changes have been made since then.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
On 06/10/10 15:59, Alan DeKok wrote:
bjloc...@lockie.ca wrote:
What file format is the documentation in and roughly how big is it?
Text. Not a lot, but organized fairly poorly.
I'm a technical writer and I'm interested.
Try: http://freeradius.org/doc/community.html
Or, just
--On Thursday, June 10, 2010 10:10:05 +0200 Alan DeKok
al...@deployingradius.com wrote:
James J J Hooper wrote:
OK - GDB log attached. This is from git branch v2.1.x, up to and
including 0e9ae1698ba55b16b149 (Cleaned up debug output to be readable -
about 7 hours ago
On 10/06/2010 22:20, Alan Buxey wrote:
Hi,
OK. I fixed both problems. Thanks for tracking it down, it made the
fix much simpler.
Do a 'git pull' for the v2.1.x branch, and re-build. It should now be
OK.
hmm, this is interesting...James, do you use COA at all? we dont but
this code
On 10/06/2010 22:42, James J J Hooper wrote:
On 10/06/2010 22:20, Alan Buxey wrote:
Hi,
OK. I fixed both problems. Thanks for tracking it down, it made the
fix much simpler.
Do a 'git pull' for the v2.1.x branch, and re-build. It should now be
OK.
hmm, this is interesting...James, do you
On 06/10/10 16:44, Alan DeKok wrote:
Arran Cudbard-Bell wrote:
My idea was to install an extension to the wiki that allowed rendering of RST.
The documentation would be kept up to date on the wiki, and at official release
time those pages would be pulled in from the wiki and bundled with the
On 09/06/2010 17:56, James J J Hooper wrote:
Hi Alan, All,
Since upgrading to 2.1.9, FR is segfaulting frequently (every 20 minutes
with load, every ~8 hours with less load).
Attached -X at startup, and the last 100 lines before segfault.
If someone can explain how to drive GDB (or any other
On 09/06/2010 21:17, James J J Hooper wrote:
On 09/06/2010 17:56, James J J Hooper wrote:
Hi Alan, All,
Since upgrading to 2.1.9, FR is segfaulting frequently (every 20 minutes
with load, every ~8 hours with less load).
Attached -X at startup, and the last 100 lines before segfault
, repeat until it works totally as you
wish, or your break it. If the latter, revert the most recent config change.
... and the documentation:
http://wiki.freeradius.org/SQL_HOWTO etc
Regards,
James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
common issues, and suggestions for how
they may be fixed.
--
Is the server running, is the shared secret correct, do you firewall
traffic on the localhost interface?
-James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Everbdody,
Right off the bat I will tell you that this is my first experience with
FreeRadius.
I have a customer that wants to do be able to connect their laptops to a
private network where we are running Edirectory as the authentication
directory.
Elements include - FreeRadius 2.1.6,
,
direct replies (COA or otherwise) won't work.
-James
--
James J J Hooper
Network Specialist
Information Services
University of Bristol
http://www.wireless.bristol.ac.uk http://www.jamesjj.net
--
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
As seen, there is no any data in %{Realm}.
Refer to man rlm_realm
...realms have to be defined in proxy.conf for suffix to recognise them:
realm un {
...
}
Alternatively, use a regex in unlang to split the username as you wish.
-James
--
James J J Hooper
Network Specialist
Information
Is there a way to enable full debugging while still having it write to
the log file and not push into the foreground? We are seeing radius
packets coming in that I can locate via tcpdump but not via the logs.
We have a custom module which dumps the radius packet almost
immediately to logs which
al...@deployingradius.com wrote:
James Devine wrote:
I'm trying to setup a freeradius server on freebsd7 to authenticate
against the local passwd file and seem to be running into some
problems.
and /etc/pam.d/radiusd setup such as:
Err... why?
You don't need to use PAM to authenticate
I'm assuming you're referring to the shadow group? That wouldn't work
on freebsd though, I tried setting group to wheel with no success.
On Thu, Feb 4, 2010 at 8:52 AM, Alan DeKok al...@deployingradius.com wrote:
James Devine wrote:
the problem seems to be that getpwnam in rlm_unix is getting
of 0, the encrypted
password will be returned, otherwise, the password field of the returned
structure will point to the string `*'.
On Thu, Feb 4, 2010 at 9:23 AM, Alan DeKok al...@deployingradius.com wrote:
James Devine wrote:
I'm assuming you're referring to the shadow group
I'm trying to setup a freeradius server on freebsd7 to authenticate
against the local passwd file and seem to be running into some
problems.
in sites-available/default I setup authorize/authenticate such as:
authorize {
preprocess
chap
mschap
suffix
unix
files
expiration
logintime
pap
}
...
if (control:Auth-Type == EAP) {
update control {
Proxy-To-Realm := xyz.com
}
}
-James
--
James J J Hooper
Network Specialist
Information Services
University of Bristol
http://www.wireless.bristol.ac.uk http://www.jamesjj.net
--
-
List info/subscribe/unsubscribe? See http
request, you should be able to see when
and why any attributes are added.
-James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 20/01/2010 23:36, Arran Cudbard-Bell wrote:
On 1/17/2010 8:37 AM, Alexander Clouter wrote:
James J J Hooperjjj.hoo...@bristol.ac.uk wrote:
In order to also return e.g. VLAN IDs (that could be computed from the
inner User-Name in a non-session-resumption enabled config), I can move
--On Thursday, January 21, 2010 10:05:36 AM + Alexander Clouter
a...@digriz.org.uk wrote:
James J J Hooper jjj.hoo...@bristol.ac.uk wrote:
How did you get around the my policy rejects you now, but i've already
sent a tunneled success TLV in the TLS tunnel and you're now ignoring my
environment for programs runned from cron?
Hi,
This being the FreeRADIUS list, your question should probably be vaguely
related to FreeRADIUS.
http://www.google.com/search?q=crontab+set+path
-James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
to do this?
Thanks,
James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
1
Apologies if I have misunderstood the code.
-James
--
James J J Hooper
Network Specialist
Information Services
University of Bristol
http://www.wireless.bristol.ac.uk http://www.jamesjj.net
--
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
?
Many thanks,
James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
accidentally mess up remote connections etc
yep - that's what we are already doing for eduroam ;-)
-James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Attribute Go=Service1
BUT IF;
A request comes with User-Name: XXX, Password: YYY and Attribute
A = Go2
The Access-Accept should include Attribute Go=Service2
Is this possible?
It is.
http://freeradius.org/radiusd/man/unlang.html
-James
--
James J J Hooper
Network Specialist
Information Services
/winbindd_privileged
say on your system?? Perhaps you have lost the execute bit on your
directory permissions?
-James
--
James J J Hooper
Network Specialist
Information Services
University of Bristol
http://www.wireless.bristol.ac.uk http://www.jamesjj.net
--
-
List info
--On 08 January 2010 22:24 + James J J Hooper
jjj.hoo...@bristol.ac.uk wrote:
--On 08 January 2010 17:14 -0500 freerad...@corwyn.net wrote:
I had everything working fine, and now it's not. (I use the ldap module
to auth)
When I look through the logs, I'm getting
...
}
... you could use unlang to wrap it in an if statement if you wanted to be
selective about when to apply it.
-James
--
James J J Hooper
Network Specialist
Information Services
University of Bristol
http://www.wireless.bristol.ac.uk http://www.jamesjj.net
--
-
List
If a packet is received that contains an incorrect shared secret,
should something be logged? Looking through the logs, it looks like
freeradius still tries to process the request, the password is
mangled, but no mention of incorrect shared secret as far as I get
tell.
-
List
Greetings,
I've got a 1.1-3 FreeRadius server and trying to figure out what to do
to enable PAP authentication. CHAP is working when I use Radius Ping
but if I change the Password to
User-Password which if I understand it is supposed to enable PAP.
When I do this, I get a
Regarding the version, by design if running Centos, which purposely
has a long cycle between releases based on upstream for stability. I'm
not against upgrading this though. :)
So I did in fact read the users file or I wouldn't have made it this
far, but I'm not seeing anything that
Greetings All:
I am standing up a new radius server for pass through auth. I'm
struggling with accounts that are mysql based (which I have to use for
the my automated billing system).
Using NTRadPING Test Utility.
I can authenticate using PAP and REALMS if the user is just located in
Missed the need to strip the realm. That fixed both problems.
On Dec 1, 2009, at 9:04 PM, James Hankins wrote:
Greetings All:
I am standing up a new radius server for pass through auth. I'm
struggling with accounts that are mysql based (which I have to use
for the my automated billing
Greetings,
I'm standing up a freeradius server on Centos 5.4 with the yum
installed version of Freeradius. Where do I obtain the mysql file to
create the default tables for the database? Thank you!
Jim
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Jalil,
Refer to this page as it will be extremely helpful!
http://www.cisco.com/en/US/products/ps6307/products_tech_note09186a0080870334.shtml
James Taylor
From: freeradius-users-bounces+jtaylor=fcip@lists.freeradius.org
[mailto:freeradius-users-bounces+jtaylor=fcip
On Wed, 7 Oct 2009, Alan DeKok wrote:
James Smallacombe wrote:
Thanks for your response...I had discarded the notion of using pam for
this because of this warning in the radiusd.conf:
That's historical. The libraries may have been fixed since then.
Good to know...it might be worthwhile
? On
the NAS?
TIA,
On Wed, 30 Sep 2009, James Smallacombe wrote:
Hi:
We have a client running FreeRadius 2.1.6 on a Linux box authenticating
against shadow passwords. I've gone over the radiusd.conf and it appears
that the expire module is enabled by default in the global config
On Tue, 6 Oct 2009, John Dennis wrote:
On 10/06/2009 01:56 PM, James Smallacombe wrote:
Has anyone had any luck getting FreeRadius to recognise expired Linux
system passwords as defined in /etc/login.defs ? sshd and imapd honors
it, but FreeRadius does not. It appears enabled by default
with timestamp +18
Ready to process requests.
James Smallacombe PlantageNet, Inc. CEO and Janitor
u...@3.am http://3.am
=
-
List info/subscribe
to be ignoring
this attribute and authenticating users with expired passwords anyway. I
tried expiring the account and that worked, but it would be much better to
have it respect expired passwords.
Is there something I missed?
TIA,
James Smallacombe PlantageNet, Inc. CEO
I have a custom module that I am having problems getting loaded. It
works fine on a freebsd machine, I just built 2.1.6 on an ubuntu
machine, which appears to put the modules in /usr/local/lib, so I
built the custom module and added it to /usr/local/lib and it cannot
find it:
Fri Sep 18 14:15:30
Marinko
Do you use MySQL for NAS authentication? I have noticed that Freeradius can
re-connect to the database for user authentication later in the process.
However as NAS is only read during startup then if MySQL is not ready its
understandable why Freeradius would bomb out.
JD
At System Boot = Freeradius Failure
Well right now No but in this moment I don't have test server so I can't help
you in this case...
Also, NAS table usually is not so big and I don't see any reason for slow start.
Is there anything in mysql logs ?
James Duffy wrote:
Marinko
Do you use MySQL
Hi,
Am having problems using freeradius and mysql. Basically they are both set to
start at system boot but as MySQL takes longer to get going freeradius bombs
out with Mysql error 'Can't connect to local MySQL server through socket
'/var/run/mysql/mysql.sock' (2)' type errors.
I can 'fix'
From: Fajar A. Nugraha fa...@fajar.net
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Saturday, September 5, 2009 11:07:57 PM
Subject: Re: Freeradius + MySQL At System Boot = Freeradius Failure
On Sat, Sep 5, 2009 at 1:23 PM, James Duffyeastcor
realms, it seems that I have
to proxy. Is there another way of accomplishing this?
James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Well, in debugging mode, it doesn't log anything to the file, but the
debug output shows it being rejected. When I am not running in debug,
I only get 'Login OK: [zdls02/p2182111] (from client allowed_clients
port 536936642)' logged by the radius server, I am logging my own
simultaneous use
The authentication portion of the module returns ok, the session
portion returns reject, as it should.
On Wed, Jun 17, 2009 at 9:18 AM, Ivan Kalikt...@kalik.net wrote:
Well, in debugging mode, it doesn't log anything to the file, but the
debug output shows it being rejected. When I am not
Ah yes, I was doing that wrong, that seems to work much better now. Thank you.
On Wed, Jun 17, 2009 at 10:28 AM, Alan DeKokal...@deployingradius.com wrote:
James Devine wrote:
The authentication portion of the module returns ok, the session
portion returns reject, as it should
I have setup a custom module to do auth and acct. In debug mode
everything appears correct, and responses appear correct. When I
don't have radius running in debug mode, responses still appear
correct, but if auth fails due to simultaneous use, radius is logging
'Auth: Login OK'. Authentication
Is it possible for me to spin off my own thread to do background work
separate from individual requests in a module? I am trying to start a
thread from the instantiate call and then rejoin on the detach, this seems
to work when I run radius -X, but something is happening when radius is not
in
DeKok al...@deployingradius.comwrote:
James Devine wrote:
Is it possible for me to spin off my own thread to do background work
separate from individual requests in a module?
No.
Why would you do that? The OS already supports multiple processes.
Just run another process.
The RADIUS
I am looking at request information in a C module I am working on, and there
are various value_pairs such as Framed-Protocol who's type is
PW_TYPE_INTEGER but the content is actually a string. It does have a value
in the dictionary and I am guessing it is being mapped from this, but then
This mapping is working correctly. When looking at the VALUE_PAIR struct
for the Framed-Protocol attribute, how do I determine that the contents of
VALUE_PAIR_DATA data; are actually a string and not an integer without prior
knowledge?
On Mon, May 11, 2009 at 1:32 PM, Ivan Kalik t...@kalik.net
vp_prints_value did the trick, thanks
On Mon, May 11, 2009 at 1:48 PM, Alan DeKok al...@deployingradius.comwrote:
James Devine wrote:
This mapping is working correctly. When looking at the VALUE_PAIR
struct for the Framed-Protocol attribute, how do I determine that the
contents
Being able to verify the mac against the ldap database is the best scenario,
the mysql database we are using for accounting only. I added:
DEFAULT User-Name =~ ([0-9a-fA-F]{2}:){5}[0-9a-fA-F]
Auth-Type := Accept
to the users file, but I am still see it setting auth type to ldap after
-bounces+tnt=kalik@lists.freeradius.org[mailto:
freeradius-users-bounces+tnt freeradius-users-bounces%2Btnt=kalik.net@
lists.freeradius.org] *On Behalf Of *James Devine
*Sent:* 14 April 2009 17:09
*To:* freeradius-users@lists.freeradius.org
*Subject:* Dynamically set password_attribute
The user does have a password set in userPassword, but the request doesn't
have this password, I am only getting the mac address in the request to
authenticate the user.
On Wed, Apr 15, 2009 at 2:38 PM, Ivan Kalik t...@kalik.net wrote:
...
Wed Apr 15 13:43:45 2009 : Info: [ldap] looking for
Is it possible to dynamically set the password_attribute ldap module
option? I tried setting it to %{Ldap-Pass-Attr}, but it doesn't seem to
expand this.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
2008/8/29 James Yale [EMAIL PROTECTED]:
2008/8/28 [EMAIL PROTECTED]:
hi,
whats wrong with that debug? looked fine here - that should
end with a happy connection. ntlm_auth got the correct
response.
alan
The problem is that when that log ends the WPA supplicant gets:
-- EAP-MSCHAPV2
distributions/versions of FreeRadius
and Samba, perhaps compile from source - presumably this configuration
is fairly common and working elsewhere, so it should work with some
combination (if I find one I'll post it up).
Thanks,
James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
ID 7 with timestamp +5
Ready to process requests.
Thanks,
James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
?
Thanks,
James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
, which produces the same effect.
Any hints as to what I'm missing would be welcomed :)
Thanks,
James Yale
[EMAIL PROTECTED]
FreeRADIUS Version 2.0.5, for host i386-redhat-linux-gnu, built on Jul 30 2008 at 10:41:14
Copyright (C) 1999-2008 The FreeRADIUS server project and contributors
getting data from database
I will continue debugs and I look forward to a possible solution or guiding
answer! thanks!
James Taylor
FCIP Networks LLC
Tel: 415.385.4692
Fax: 415.358.9612
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan
101 - 200 of 375 matches
Mail list logo