Setting Post-Proxy-Type ??

for post.proxy.dr4 for attribute Post-Proxy-Type I don't know what i am doing wrong ? Any help is appreciated Thanks -- Mustapha BOUIKHIF Service Systèmes d'Information CNRS - DR4 tel: +33 1 69 82 33 97 fax: +33 1 69 82 33 39 - List info/subscribe/unsubscribe? See http://www.freeradius.org

Re: Setting Post-Proxy-Type ??

Alan DeKok a écrit : Mustapha Bouikhif wrote: I am having problemes getting Post-Proxy-Type to work in FreeRadius (FR); I did tests with FR v2.0.3 and FR v2.0.5 after update without success; Here is what i want to do: Use attr_rewrite to write some attributes (those for setting VLAN

Re: openLDAP freeRADIUS

properly hope this may help... -- Mustapha BOUIKHIF Service Systèmes d'Information CNRS - DR4 tel: +33 1 69 82 33 97 fax: +33 1 69 82 33 39 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

acct and syslog

... -- Mustapha BOUIKHIF Service Systèmes d'Information CNRS - DR4 tel: +33 1 69 82 33 97 fax: +33 1 69 82 33 39 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: acct and syslog

Alan DeKok a écrit : Mustapha Bouikhif wrote: Is there a simple way to send accounting logs (of FR 2.0.5) to syslog ? I mean the various detail files: auth_log, reply_log, pre||post_proxy_log ... You REALLY don't want to do that. It's a very bad idea. It is possible to append

ldap backend and Realm

to configure radiusd to use a specific ldap module configuration based on the realm of the user connected to the wireless network. Can I use unlang with (switch %{Realm}statement) to do so ? Thanks for any clues and help. -- Mustapha BOUIKHIF Service Systèmes d'Information CNRS - DR4 tel: +33 1 69

Re: ldap backend and Realm

:-%{User-Name}}) base_filter = (objectclass=radiusprofile) ... } authorize { .. ldap .. } But when I restarted radiusd, it shows errors initializing modules -ldap- What am I doing wrong ? thanks for any clues. -- Mustapha BOUIKHIF Service Systèmes

Re: ldap backend and Realm

syntax Nov 17 15:13:39 localradius radiusd[8420]: rlm_ldap: (re)connection attempt failed radiusd can not replace the temporary attribute (My-BaseDN) with the correct value ... May be cause the ldap module is called before authorize section where My-BaseDN is defined ?? -- Mustapha BOUIKHIF

Re: ldap backend and Realm

May be cause the ldap module is called before authorize section where My-BaseDN is defined ?? Why? In what section? Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Mustapha BOUIKHIF Service Systèmes d'Information

Re: ldap backend and Realm

Alan DeKok a écrit : Mustapha Bouikhif wrote: Thanks Ivan, but still doesn't work... In my /etc/raddb/dictionary file: ATTRIBUTE My-BaseDN 10 string Don't do that. Do you mean 10 . the number picked should be between 3000 and 4000 ? READ the comments in the raddb

Re: ldap backend and Realm

radiusd.conf? Post the whole debug from server startup. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Here is the debug of radiusd (attached file) -- Mustapha BOUIKHIF Service Systèmes d'Information CNRS - DR4 tel: +33 1

Re: ldap backend and Realm

Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Thanks Ivan Alan. It works by defining multiple ldap in my config. -- Mustapha BOUIKHIF Service Systèmes d'Information CNRS - DR4 tel: +33 1 69 82 33 97 fax: +33 1 69 82 33 39 - List info/subscribe

attribute filter

-VLAN-Name == VLAN2, Tunnel-Private-Group-Id == VLAN1, Tunnel-Private-Group-Id == VLAN2, But It doesn't work unless I set those attributes to * ANY (Trapeze-VLAN-Name =* ANY, Tunnel-Private-Group-Id = * ANY, ...) Thanks for help and clues. -- Mustapha BOUIKHIF Service Systèmes d'Information CNRS

Re: attribute filter

://www.freeradius.org/list/users.html -- Mustapha BOUIKHIF Service Systèmes d'Information CNRS - DR4 tel: +33 1 69 82 33 97 fax: +33 1 69 82 33 39 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: attribute filter

realms ? man unlang says: -= Remove all matching attributes from the list I don't want to remove attributes, but to filter some attributes (Tunnel-Private-Group-id) which must have 2 possible values: VLAN1 or VLAN2 for a given realm. -- Mustapha BOUIKHIF Service Systèmes d'Information CNRS

attr_filter issue

well. I don't understand this behaviour. Thanks for any ideas/help -- Mustapha BOUIKHIF Service Systèmes d'Information CNRS - DR4 tel: +33 1 69 82 33 97 fax: +33 1 69 82 33 39 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: attr_filter issue

, tcp-clear ) # o Login hosts of either 192.168.1.1 or 192.168.1.2 # #tisp # Service-Type == Login-User, # Login-Service == Telnet, # Login-TCP-Port == 23, # Login-IP-Host == 192.168.1.1, # Login-IP-Host == 192.168.1.2 Thanks again. -- Mustapha BOUIKHIF Service