Another PAM question

? Gr, Hans - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Another PAM question

user 'testuser' So my guess would be that RADIUS-LDAP is OK, but there's something wrong with login-PAM/RADIUS Any hints appreciated Hans -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Gary McKinney Sent: donderdag 24 juni 2004 17:11 To: [EMAIL

Why radius when I have LDAP?

need a direct connection to LDAP for uid, gid, homedir etc, because radius can not handle that kind of info! So: why would I want to use radius? I could do without it, couldn't I? Gr, Hans - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

problems with old mysql version and PEAP/MSCHAPV2

: Found Auth-Type EAP auth: type EAP . Kind Regards Hans -- Hans Bornemann Universitaet Dortmund - ITMC Tel. ++49 231 755 2132 Fax. ++49 231 755 2731 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: wpa2 - huntgroup problems

Hi, did you mean the operator for the huntgroups? hans On Thu, 2008-04-10 at 10:29 +0100, Phil Mayers wrote: Hans Bornemann wrote: Hi, I have a problem with huntgroups and wpa2. It concerns the following: First, huntgroups works with ntradping and crypt-passwd: mysql-db

wpa2 - huntgroup problems

! No known good password found for the user. Authentication may fail because of this. modcall[authorize]: module pap returns noop for request 9 modcall: leaving group authorize (returns updated) for request 9 rad_check_password: Found Auth-Type EAP auth: type EAP Thanks Hans -- Hans

Re: wpa2 - huntgroup problems

[authorize]: module sql returns ok for request 0 i have checked the debug - the nas-ip is the same as defined in the huntgroupsfile thanks Hans On Thu, 2008-04-10 at 10:49 +0100, Phil Mayers wrote: Hans Bornemann wrote: Hi, did you mean the operator for the huntgroups? No. Crypt-Password

Re: wpa2 - huntgroup problems -fixed

also has these configuration # items, which are the same as for TTLS. copy_request_to_tunnel = yes hans On Thu, 2008-04-10 at 12:50 +0200, Hans Bornemann wrote: Hi, maybe a missunderstanding. The authentication with crypt-password works

proxy.conf problem: username send with suffix

,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): User [EMAIL PROTECTED] not found in radgroupcheck Thanks Hans -- Hans Bornemann Universitaet Dortmund

looking into local db after Realm Default was found

Hi, I don't know why my radius does the following: my freeradius-server (1.1.7) retrieves the username from the local db AFTER Found realm DEFAULT. Then the query was send to the correct radius. Thanks Hans Debug: ... Processing the authorize section of radiusd.conf modcall: entering

Re: looking into local db after Realm Default was found

-- Hans Bornemann Universitaet Dortmund - ITMC Tel. ++49 231 755 2132 Fax. ++49 231 755 2731 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Why radius when I have LDAP?

-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kostas Kalevras Sent: vrijdag 2 juli 2004 16:49 To: [EMAIL PROTECTED] Subject: Re: Why radius when I have LDAP? On Thu, 1 Jul 2004, Hans wrote: Hello, This may seem a little strange

huntgroup question

file. users: bob Cleartext-Password := hello, Huntgroup-Name =~note Is that correct? I understand the docs so, that the radius first looks into the hints file, than huntgroup and after that the realm is looked up. Hans -- Hans Bornemann Universitaet Dortmund - ITMC Tel. ++49 231

md5-passwords in mysql db did not work

. Any ideas? Hans -- Universitaet Dortmund Hochschulrechenzentrum - Digitale Netze - August Schmidt Str.12 44227 Dortmund Tel. ++49 231 - 7552132 Fax. ++49 231 - 7552731 Mail: [EMAIL PROTECTED] Web: http://www.hrz.uni-dortmund.de/s1/ - List info/subscribe/unsubscribe? See http

rlm_pap: No password (or empty password) to check against for for user

4011287a Nothing to do. Sleeping until we see a request. Thanks Hans -- Universitaet Dortmund Hochschulrechenzentrum - Digitale Netze - August Schmidt Str.12 44227 Dortmund Tel. ++49 231 - 7552132 Fax. ++49 231 - 7552731 Mail: [EMAIL PROTECTED] Web: http://www.hrz.uni-dortmund.de/s1

EAP/LEAP and LDAP working together

the users individually in the users file. I believe the radiusd.conf is OK, and the problems is with the users file, but can't see where. I seem to be at a dead end, so I'm hoping that someone has some suggestions or at least hints or where I should be looking. Thanks in advance for any help -- Hans

stopping authentication after first match

Login OK: [00062518a9e6] (from client NetworkManagement port 387 cli 0006.2518.a9e6) Sending Access-Accept of id 203 to 10.255.200.1:1645 Finished request 0 -- Hans K. Fiedler Information Technology Network Analyst Communications Services [EMAIL

Re: AlfaAriss Client question

from central computing, so I can just work with them informally, which is much easier, I'm a unix/freebsd guy so I'm trying to stay on the server end and not get sucked into the windows support, but I have to find something I can verify working I can use to test out the server. -- Hans K. Fiedler

testing values for LDAP attributes

this, and I just need to get my syntax working, or since the users file is checked then falls through to LDAP is out of the picture at that point? -- Hans K. Fiedler Information Technology Network Analyst Communications Services [EMAIL PROTECTED

Re: testing values for LDAP attributes

On Wed, Apr 21, 2004 at 10:13:23PM -0400, Alan DeKok wrote: Hans Fiedler [EMAIL PROTECTED] wrote: I can't get the attribute value checking to work. I've tried mapping the attribute in the ldap.attrmap file, checkItem WirelessStatus WirelessStatus and checking

RE: PAM and FreeRadius

-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok Sent: dinsdag 8 juni 2004 15:36 To: [EMAIL PROTECTED] Subject: Re: PAM and FreeRadius Hans Bouwers [EMAIL PROTECTED] wrote: which means that the password that radiusd gats the clear

RE: PAM and FreeRadius (Resend, pls ignore the 11:46-message)

-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok Sent: dinsdag 8 juni 2004 15:36 To: [EMAIL PROTECTED] Subject: Re: PAM and FreeRadius Hans Bouwers [EMAIL PROTECTED] wrote: which means that the password that radiusd gats the clear

networkaddresses in huntgroupfile

Hi, is there a way to define networks in the huntgroupfile, something like name == 10.0.0.1/24 Hans -- Hans Bornemann Universitaet Dortmund - Hochschulrechenzentrum Tel. ++49 231 755 2132 Fax. ++49 231 755 2731 - List info/subscribe/unsubscribe? See http

Problem with EAP/MD5 behind proxy

this with a realm the second radius-server shows this error: rlm_eap: Identity does not match User-Name, setting from EAP Identity rlm_eap: Failed in handler any ideas? Hans -- Hans Bornemann Universitaet Dortmund - Hochschulrechenzentrum Tel. ++49 231 755 2132 Fax. ++49 231 755 2731 - List info

RE: Problem with EAP/MD5 behind proxy

== testing Login with [EMAIL PROTECTED] -- Authentication failed on radius-server no. 2 Login with testuser -- Authentication o.k. on radius-server no. 1 Both radius-server has the same users-file. Hans On Thu, 2006-12-07 at 11:28 +, Josh Howlett wrote: You're stripping the realm

Re: Problem with EAP/MD5 behind proxy

in the request auth: Failed to validate the user. Login incorrect: [steve/no User-Password attribute] (from client gb5-sw5 port 50013 cli 00-0B-5D-52-76-94) Delaying request 44 for 1 seconds Finished request 44 Going to the next request Hans On Thu, 2006-12-07 at 12:32 +, [EMAIL PROTECTED

Re: Problem with EAP/MD5 behind proxy

Sorry, only a typing error in the mail. the users file ist correct: steve Auth-Type := Local, User-Password == testing Hans Hi, Hi Alan, Auth-Type := Local produced the following failure: users: steve Auth-Type := Local, User-Password = testing

Want to set Auth-Type to pam if Auth-type ist unset

}' == ) ? Evaluating ('%{Control:Auth-type}' == ) - FALSE ++? if ('%{Control:Auth-type}' == ) - FALSE auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user auth: Failed to validate the user. Do you have a suggestion? Thank You for Your time. -- Grüße Hans-Peter Fuchs

make freeradius-2.0 cvs Version

declaration of `librad_MD4_CTX' gmake[4]: *** [threads.lo] Fehler 1 On an other system with fedora 4.1.1-30 and openssl-0.9.8b-8.3.fc6 the make runs fine without errors -- Grüße Hans-Peter Fuchs Hans-Peter Fuchs - RRZK Zimmer 20 Zentrum für

want to configure: eap ttls with pap

i test freeradius.1.0.0 on redhat and want to configure eap ttls with pap. Has someone a example configuration. I don't know how where to configure pap. radiusd -x says: rlm_eap_ttls Unknown EAP Type PAP Grüße Hans-Peter Fuchs Hans-Peter Fuchs - RZKR, Zimmer 20 Zentrum fuer angewandte

Re: Radius 2950's Question

instead ? ip radius source-interface loop 0  Grüße Hans-Peter Fuchs Hans-Peter Fuchs - RZKR, Zimmer 20 Zentrum fuer angewandte Informatik - Universitaetsweiter Service RRZK Universität zu Köln - Tel: 0221-470-6972 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Limit access of a SSID to a certain LDAP group

://www.freeradius.org/list/users.html -- Mit freundlichen Grüßen Hans-Peter Fuchs Hans-Peter Fuchs - RRZK Zimmer 20 Zentrum für angewandte Informatik - Universitätsweiter Service RRZK Universität zu Köln - Tel: 0221-470-6972 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list

feature request

Hello Alan, today I upgraded from freeradius-2.1.1 to 2.1.3 and stumbled because freeradius does not erase the socket file in /var/run/radiusd. -- Mit freundlichen Grüßen Hans-Peter Fuchs Hans-Peter Fuchs - RRZK Zimmer 20 Zentrum für angewandte Informatik - Universitätsweiter Service RRZK

Re: Inner identity in accounting logs

freundlichen Grüßen Hans-Peter Fuchs Hans-Peter Fuchs - RRZK Zimmer 20 Zentrum für angewandte Informatik - Universitätsweiter Service RRZK Universität zu Köln - Tel: 0221-470-6972 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: [UKLAN] feature request

Hello Alan, freeradius-2.1.1 created the socket with 'radiusd' as owner and freeradius-2.1.3 throw error: Error: We do not own /var/run/radiusd/radius1.sock because it created it with owner root. Am Donnerstag, den 29.01.2009, 14:19 +0100 schrieb Alan DeKok: Hans-Peter Fuchs wrote: today I

freeradius hangs when sql-server does not answer

. If packets are blocked freeradius hangs and does not answer incoming requests - even authorisation requests which do not need sql-server. Output from radiusd -X stops after showing the sql-statement send to mysql-server. Output continues normally after I release the iptables filter. Grüße Hans

Timeout with freeradius1.0.1 on redhat-AS-3.1

: Thread create failed: Cannot allocate memory If I configure: max_requests_per_server = 50 in the thread pool section there are no problems for 24 hours and more. I append: radiusd.conf.gz users radiusd-X.gz Grüße Hans-Peter Fuchs Hans-Peter Fuchs - RZKR, Zimmer 20 Zentrum fuer

Convert from gnu-radius to freeradius 1.0.1

-Name] = %[User-Name]; return 0; } This means: If User-name empty and Acct-Session-Id is given then take Acct-Session-Id as User-Name else Take given User-name How can I do this with freeradius? Grüße Hans-Peter Fuchs Hans-Peter Fuchs - RZKR, Zimmer 20 Zentrum fuer angewandte

Errors with freeradius-snapshot-20050424 make install

Hans-Peter Fuchs Hans-Peter Fuchs - RZKR, Zimmer 20 Zentrum fuer angewandte Informatik - Universitaetsweiter Service RRZK Universität zu Köln - Tel: 0221-470-6972 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Read Group-Attribute from mysql

I want to read the Group-Attribute from a mysql-database without having all users in the mysql-database. Users not in mysql should have group := default others group:= from mysql-table. Is that possible. Do you have some hints. I am using freeradius 1.0.4 Grüße Hans-Peter Fuchs Hans

Want to use 2 different authentication-methods

. Reason: Permission denied modcall[authenticate]: module pam returns reject for request 0 modcall: group authenticate returns reject for request 0 auth: Failed to validate the user. Grüße Hans-Peter Fuchs Hans-Peter Fuchs - RZKR, Zimmer 20 Zentrum fuer angewandte Informatik - Universitaetsweiter

sql_log outputs truncated sql-statements

'); } is this a bug or my stupidness? Grüße Hans-Peter Fuchs Hans-Peter Fuchs - RZKR, Zimmer 20 Zentrum fuer angewandte Informatik - Universitaetsweiter Service RRZK Universität zu Köln - Tel: 0221-470-6972 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Want to test against variable-value

or comma Errors reading /usr/local/etc/raddb/users radiusd.conf[398]: files: Module instantiation failed. radiusd.conf[828] Unknown module files. radiusd.conf[742] Failed to parse authorize section. Thank you for any hint. Grüße Hans-Peter Fuchs Hans-Peter Fuchs - RRZK Zimmer 20 Zentrum für

Bug in rlm_sql reconnect code??

. Grüße Hans-Peter Fuchs Hans-Peter Fuchs - RRZK Zimmer 20 Zentrum für angewandte Informatik - Universitätsweiter Service RRZK Universität zu Köln - Tel: 0221-470-6972 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html