Re: cleaning house on radius server?

2011-01-18 Thread Josip Rodin
On Mon, Jan 17, 2011 at 12:36:54PM -0800, Christ Schlacta wrote: I've got a radius server up and running, and I want to clean up my configuration as much as possible. is it a safe assumption that if I remove a file (actually move it out of the way) and attempt to authenticate a client

Re: Freeradius on lenny doesn't permit mschap auth

2011-01-17 Thread Josip Rodin
On Mon, Jan 17, 2011 at 10:20:00AM +0100, David Dumortier wrote: In a complex environment to change a piece of software can have unexpected consequences. And so to change it, it demands long testing procedures for several teams. I will try to find a mschap string with a second

Re: Freeradius on lenny doesn't permit mschap auth

2011-01-14 Thread Josip Rodin
On Fri, Jan 14, 2011 at 02:39:58PM +0200, Johan Meiring wrote: On 2011/01/14 02:07 PM, Alan DeKok wrote: I attach my debug output You're running 2.0.4. I suggest upgrading to 2.1.10. I'm on Debian/lenny, I will stay on lenny. That's your choice. But... not our recommendation. I

Re: Freeradius on lenny doesn't permit mschap auth

2011-01-14 Thread Josip Rodin
On Fri, Jan 14, 2011 at 02:57:26PM +0100, joy wrote: On Fri, Jan 14, 2011 at 02:39:58PM +0200, Johan Meiring wrote: On 2011/01/14 02:07 PM, Alan DeKok wrote: I attach my debug output You're running 2.0.4. I suggest upgrading to 2.1.10. I'm on Debian/lenny, I will stay on lenny.

Re: rlm_python and dynload problem

2011-01-06 Thread Josip Rodin
On Thu, Jan 06, 2011 at 11:26:44AM +0100, Aurélien Geron wrote: Hi and happy new year to everyone, In april I wrote the message below about python modules not being able to load dynamic libraries on Debian Lenny. I did not have time to test this ever since, but I just did, and

Re: rlm_python and dynload problem

2011-01-06 Thread Josip Rodin
On Thu, Jan 06, 2011 at 03:46:07PM +0100, Aurélien Geron wrote: libltdl.so.7 = /usr/lib/libltdl.so.7 (0x7f1018258000) = FreeRADIUS seems to rely on libltdl.so.7, as expected. #grep -i advise freeradius.ltrace = [no output] Apparently, the string advise is nowhere in ltrace's

Re: Need help Configuring Radius and Ldap

2010-12-05 Thread Josip Rodin
On Sat, Dec 04, 2010 at 03:42:33PM -0600, James Winter wrote: The above log doesn't look like authentication; rather it's authorization. If you want your LDAP module instance to authenticate, too, call it from the 'authenticate' section? I do include ldap in my authenticate section of

too long Calling Station Ids

2010-12-03 Thread Josip Rodin
Hi, Just ran across this IRL: Calling-Station-Id: GigabitEthernet 1/0/3.2045:2045#587202578###pppoe c0:d0:44:e4:cf:3b# But: Mon Nov 29 16:54:16 2010 : Error: [our_sql] Couldn't insert SQL accounting START record - ERROR: value too long for type character varying(50) The situation

Re: too long Calling Station Ids

2010-12-03 Thread Josip Rodin
On Fri, Dec 03, 2010 at 12:20:04PM +0100, Alan DeKok wrote: Josip Rodin wrote: Just ran across this IRL: Calling-Station-Id: GigabitEthernet 1/0/3.2045:2045#587202578###pppoe c0:d0:44:e4:cf:3b# Arg. That's a *stupid* thing to do. It would have been saner to define VSAs

Re: too long Calling Station Ids

2010-12-03 Thread Josip Rodin
On Fri, Dec 03, 2010 at 12:12:52PM +, Phil Mayers wrote: On 03/12/10 11:51, Josip Rodin wrote: I already told PostgreSQL to just stop limiting it, because AFAICT there's no actual benefit. Under postgresql, there is NO performance benefit or storage space saving using varchar(N

Re: freeradius + ldap

2010-12-03 Thread Josip Rodin
On Thu, Dec 02, 2010 at 03:48:34PM +0100, Josip Rodin wrote: The configuration that work: ldap ldapPerson{ set_auth_type = yes } I think this is the catch. I don't have this particular option in my config, but I see now that it looks like they're all 2.1.8. I re-checked

Re: too long Calling Station Ids

2010-12-03 Thread Josip Rodin
On Fri, Dec 03, 2010 at 09:41:07PM +0100, Alan DeKok wrote: Using random fields in random printable formats is a bad idea. RADIUS has the concept of attributes. These attributes have names, specific meanings, and well-defined formats. I have no idea why many vendors are unable to use them.

Re: Need help Configuring Radius and Ldap

2010-12-03 Thread Josip Rodin
On Fri, Dec 03, 2010 at 02:43:50PM -0600, James Winter wrote: On Dec 3, 2010, at 10:52 AM, Phil Mayers wrote: You haven't said what your problem is Sorry! My server tells me that it ldap did not find a correct matchup, but then returns true. [ldap] performing search in

Re: freeradius + ldap

2010-12-02 Thread Josip Rodin
On Thu, Dec 02, 2010 at 09:09:51AM +0100, Ana Gallardo wrote: Add LDAP into the authenticate section, so that it simply tries to re-bind with the provided credentials? Like this: Auth-Type LDAP { ldapPerson } I try this configuration too, but it

Re: redundant LDAP-Group

2010-12-02 Thread Josip Rodin
On Thu, Dec 02, 2010 at 11:54:28AM +, Alexander Clouter wrote: DEFAULT NAS-Identifier == switch, Huntgroup-Name == allied-telesis, ldap_login1-LDAP-Group == it-switch-admin DEFAULT NAS-Identifier == switch, Huntgroup-Name == allied-telesis, ldap_login2-LDAP-Group == it-switch-admin

Re: freeradius + ldap

2010-12-02 Thread Josip Rodin
On Thu, Dec 02, 2010 at 02:37:43PM +0100, Ana Gallardo wrote: I have read that this is not ok http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg49993.html OK, and you're not doing that which is described above, so you're fine. The configuration that work: ldap

Re: freeradius + ldap

2010-12-01 Thread Josip Rodin
On Wed, Dec 01, 2010 at 12:48:14PM +0100, Ana Gallardo wrote: My problem is: the ldap server don't have public key that an admin user (who bind) can take. So I have to bind in the authorize section with the user and password (clear text) in the request. authenticate { Auth-Type PAP {

Re: FreeRADIUS 2.1.10 regression in logging behaviour

2010-11-27 Thread Josip Rodin
On Sat, Nov 27, 2010 at 04:53:40AM +0100, Alan DeKok wrote: I understand that changing the behavior is unwanted, but is it really that much of a burden to HUP the server? No, I already published updated Debian packages that do the HUP. They also had to try harder to make sure that the HUP

Re: FreeRADIUS 2.1.10 regression in logging behaviour

2010-11-27 Thread Josip Rodin
On Sat, Nov 27, 2010 at 09:06:08AM +, Alan Buxey wrote: I see plenty of posts saying don't HUP it... I don't think all parts of the server update/refresh when HUP'ing still so a full restart is the only clean way anyway. With regard to log rotation, that's actually contrary to what it should

Re: FreeRADIUS 2.1.10 regression in logging behaviour

2010-11-26 Thread Josip Rodin
On Fri, Nov 26, 2010 at 10:46:54PM +0100, Alan DeKok wrote: Alan Buxey wrote: one eagle-eyed member spotted a small issue with our systems after the upgrade to 2.1.10 It's actually in 2.1.9. the sudden obvious fix is to add the HUP/restart part to the logrotate script but we've

Re: configure output summary

2010-11-19 Thread Josip Rodin
On Fri, Nov 19, 2010 at 09:21:11AM +0200, Johan Meiring wrote: I agree that a lot of newbies will not read it, but if _one_ person reads it a month, it will mean less questions on the list! That's actually the wrong solution to that particular problem. Newbies should stop compiling whenever

Re: configure output summary

2010-11-18 Thread Josip Rodin
On Wed, Nov 17, 2010 at 07:53:02AM +0100, Stefan Winter wrote: I think it would generally make sense to put a summary output of configure at the end of its run, so that one can easily see which modules will be disabled. In an acute case of bash script fiddling, I created the attached

Re: configure output summary

2010-11-18 Thread Josip Rodin
On Thu, Nov 18, 2010 at 08:48:38AM -0500, John Dennis wrote: On 11/18/2010 08:21 AM, Josip Rodin wrote: I've actually been a bit confused by the notion of having separate autoconf installations/invocation in multiple subdirectories. The point of that would seem to be that if you just want

Re: configure output summary

2010-11-18 Thread Josip Rodin
On Thu, Nov 18, 2010 at 05:16:03PM +0100, Alan DeKok wrote: It's so that the modules are independent of the core. If you don't like a module rm -rf the directory. If you want a new one, drop files into a subdirectory, and the main configure/build process will find them. OK, that's actually

Re: seems there is no nas for pptp+ppp

2010-11-14 Thread Josip Rodin
On Sun, Nov 14, 2010 at 11:30:40PM +0800, Spacelee wrote: I have checked the naslist, and there is no ppp, what should I choose? To quote http://wiki.freeradius.org/naslist, the bolded text, This file is obsolete and has been removed in all current releases. This functionality is now in

Re: Doubt - Freeradius + Ldap

2010-11-01 Thread Josip Rodin
On Tue, Nov 02, 2010 at 07:30:23AM +1300, Peter Lambrechtsen wrote: It's probably since you didn't compile OpenLDAP and FreeRadius with OpenSSL support. So you will need to recompile OpenLDAP, Cyrus SASL, OpenLDAP and FreeRadius. No, no, no, and no. sigh If you want to read random debug

Re: Re : SQL and Proxy acct in a virtual server

2010-10-27 Thread Josip Rodin
On Wed, Oct 27, 2010 at 10:06:30AM +0100, Frank Bollet wrote: Is there a way to separate the configuration for each partner, or should I just put everything in sites-available/default because it's how it's supposed to work? Hmm, isn't it possible to use $INCLUDE in there, too, so the

Re: sql.conf vs. modules/sql

2010-10-26 Thread Josip Rodin
On Tue, Oct 26, 2010 at 10:10:07AM -0400, Alan DeKok wrote: Stefan Winter wrote: when setting up a brand-new server, I fell over one caveat (and did so more than once, actually): almost all modules are placed in modules/* and get auto-loaded when they are needed by the actual

Re: Scripts executing in acct_users file

2010-07-09 Thread Josip Rodin
On Fri, Jul 09, 2010 at 11:52:57AM +0300, Eugen Vakulenko wrote: I've just upgraded from 1.1.6 to 2.1.9. On the old server I used Start/Stop and Interim-Update in acct_users file to execute some script in this way: But when I try it on the new server it seems it doesn't work. exec is

Re: Newbee question

2010-06-28 Thread Josip Rodin
On Mon, Jun 28, 2010 at 05:08:54PM -0400, Maria Sanchez wrote: The only information I found related to configuring roles indicated that I had to enter a new attribute in the dictionary file, add the attribute in the users file with the value I needed and add the dictionary file as a parameter

Re: Help connecting to remote ldap server

2010-06-25 Thread Josip Rodin
On Fri, Jun 25, 2010 at 05:54:38PM -0500, Raymond Norton wrote: Got things working (yeah!) Had to reset the users password with ldappassword. For some reason freeradius couldn't read what was exported to the ldif file. Once I changed passwords with ldappassword, radtest and WPA worked

Re: Help connecting to remote ldap server

2010-06-24 Thread Josip Rodin
On Thu, Jun 24, 2010 at 12:33:10PM -0400, John Dennis wrote: But even if you did, ldap has this: userPassword:: e1NIQX13ak83dXhlS3FYR0NFVlhPTEVzVUo4OW9DWFE9 They aren't the same are they? The LDAP entry looks like a hash, you'll have to figure out which kind. Note it does not contain a

Re: Help connecting to remote ldap server

2010-06-24 Thread Josip Rodin
On Thu, Jun 24, 2010 at 11:21:47AM -0500, Raymond Norton wrote: I misunderstood the instructions. Made the change, and I see now that I am at least connecting to the ldap server, but still getting rejected. [ldap] performing user authorization for billy ++[ldap] returns ok No authenticate

Re: Marking proxy servers as zombie - odd behaviour

2010-06-17 Thread Josip Rodin
On Thu, Jun 17, 2010 at 11:26:37AM +0100, John Horne wrote: So what is being seen is that backend server 141.163.66.101 has sent an accept accept packet (to the local proxy server 195.250) and the log shows a user as having authenticated. About 10 seconds later, the server is marked as zombie,

Re: Having trouble compiling freeradius 2.1.9 on ubuntu 10.04

2010-06-16 Thread Josip Rodin
On Wed, Jun 16, 2010 at 01:01:40PM +0300, Bassem Nagi wrote: I am having trouble compiling freeradius version 2.1.9 on ubuntu 10.04 when I try to start the server I get an error stating radiusd: error while loading shared libraries: libfreeradius-radius-2.1.9.so: cannot open shared object

Re: Having trouble compiling freeradius 2.1.9 on ubuntu 10.04

2010-06-16 Thread Josip Rodin
On Wed, Jun 16, 2010 at 02:31:54PM +0300, Bassem Nagi wrote: Hey Josip, actually I need to compile in order to use rlm_sqlcounter module as I understand it is not available with the binary package. Well, I see it at: http://packages.ubuntu.com/lucid/i386/freeradius/filelist

Re: Having trouble compiling freeradius 2.1.9 on ubuntu 10.04

2010-06-16 Thread Josip Rodin
On Wed, Jun 16, 2010 at 09:56:13AM -0400, David Peterson wrote: I am having one issue now, when FR receives an EAP packet, the daemon crashes and I get a segmentation fault. Any thoughts other than starting from scratch? What does the debug mode say, the output of freeradius -X just before

Re: Problems authenticating with a Cisco ASA 5510

2010-06-15 Thread Josip Rodin
On Tue, Jun 15, 2010 at 09:46:59AM -0500, Daniel Davidson wrote: Doing some more digging, it seems like the wireless clients being caught by eap for auth, whereas the ASA is falling through to files, and eventually system, which doesn't really do anything. Anyone know how to make the

Re: Ubuntu OpenSSL

2010-06-15 Thread Josip Rodin
On Tue, Jun 15, 2010 at 12:49:36PM -0400, David Peterson wrote: I know there is probably something easy I am missing but I cannot for the life of me get FR to compile with OpenSSL for EAP-TTLS support. Are there any how-to's on getting Ubuntu to compile OpenSSL support into FR2.1.9 You don't

Re: FR 2.1.9 Frequent SegFault, didn't happen with FR 2.1.8

2010-06-10 Thread Josip Rodin
On Thu, Jun 10, 2010 at 10:12:13AM +0200, Alan DeKok wrote: Josip Rodin wrote: That code has indeed changed from 2.1.8 to 2.1.9, and it may be a simple bug - there is no existence check for request-packet before its dereference in the new CoA-related condition. There is an existence check

Re: Looking for an editor for FreeRADIUS documentation

2010-06-10 Thread Josip Rodin
On Wed, May 19, 2010 at 03:01:47PM +0200, Alan DeKok wrote: Fajar A. Nugraha wrote: The enthusiasm seems big enough. So how would this work? http://freeradius.org/doc/community.html It doesn't seem to be particularly enthusiastic any more. But that's what happens in the real world :) A

Re: github wiki

2010-06-10 Thread Josip Rodin
On Fri, May 28, 2010 at 10:32:23AM +0200, Alan DeKok wrote: 2-3 years ago the Wiki started being over-whelmed with spammers. The spam detection in MediaWiki didn't help, so the simplest solution was to make the Wiki request only for signups. I think it might be useful if we had an automated

Re: Looking for an editor for FreeRADIUS documentation

2010-06-10 Thread Josip Rodin
On Thu, Jun 10, 2010 at 09:07:32PM +0300, Peter Nixon wrote: We already have a Wiki. Few people edit it. We already have a publicly available doc directory. Few people submit changes. Yes. I'll second Alan on this. It was my idea to setup the wiki, and I spent a LOT of time on it for

Re: Updating the Wiki

2010-06-10 Thread Josip Rodin
On Thu, Jun 10, 2010 at 05:27:47PM +0200, Fred MAISON wrote: I would appreciate to get an account on the wiki. I've created it now, you should be getting an automated e-mail. -- 2. That which causes joy or happiness. - List info/subscribe/unsubscribe? See

Re: github wiki

2010-06-10 Thread Josip Rodin
On Thu, Jun 10, 2010 at 10:09:40PM +0300, Peter Nixon wrote: On Fri 28 May 2010, Josip Rodin wrote: On Thu, May 27, 2010 at 06:00:48PM +0200, Alan DeKok wrote: Thanks, but we already *have* a Wiki. I would really prefer to not add yet *another* location for documentation

Re: Looking for an editor for FreeRADIUS documentation

2010-06-10 Thread Josip Rodin
On Thu, Jun 10, 2010 at 11:59:57AM -0700, Arran Cudbard-Bell wrote: That's why I mentioned that ConfirmAccount mediawiki extension - it will reduce the amount of bother for the admins, while still allowing the users to use minimal necessary skills to do their edits. My idea was to install

Re: Looking for an editor for FreeRADIUS documentation

2010-06-10 Thread Josip Rodin
On Thu, Jun 10, 2010 at 10:44:27PM +0200, Alan DeKok wrote: We're also not in the business of account management. Someone like github.com is. If they had a Wiki that was RST *and* backed by git, it would be a clear winner. But people have been asking since 2008, and it's still not ready.

Re: FR 2.1.9 Frequent SegFault, didn't happen with FR 2.1.8

2010-06-09 Thread Josip Rodin
On Wed, Jun 09, 2010 at 10:00:14PM +0100, James J J Hooper wrote: OK - GDB log attached. Program received signal SIGSEGV, Segmentation fault. [Switching to Thread -1208649024 (LWP 2425)] 0x08067c64 in received_proxy_response (packet=0x8430a20) at event.c:3075 3075 } else if

Re: log loading of configuration files [was Re: Accounting to MySQL not working]

2010-06-07 Thread Josip Rodin
On Mon, Jun 07, 2010 at 10:49:01AM +0200, Alan DeKok wrote: Josip Rodin wrote: Then again, there is no clear indication to users which part of the large debug output is important and which part is ignorable, so even if they don't ignore it, it may still actually be too complicated for them

Re: log loading of configuration files [was Re: Accounting to MySQL not working]

2010-06-06 Thread Josip Rodin
On Wed, Jun 02, 2010 at 01:46:02PM +0200, Alan DeKok wrote: When they run it with -X, they'll see the packets as they come in and that's good for the debugging of the per-request logic, but a lot of this initial text will scroll down the screen as if everything in it is all right, and they

Re: Freeradius problem, EAP-TTLS works fine, EAP-PEAP does not

2010-06-05 Thread Josip Rodin
On Sat, Jun 05, 2010 at 12:50:59AM +0200, David wrote: connecting with Windows 7 the following gets written to radius.log: Sat Jun 5 00:00:59 2010 : Info: rlm_eap_md5: Issuing Challenge Sat Jun 5 00:00:59 2010 : Info: rlm_eap_mschapv2: Issuing Challenge As opposed to EAP-TTLS, then the

log loading of configuration files [was Re: Accounting to MySQL not working]

2010-06-02 Thread Josip Rodin
On Tue, Jun 01, 2010 at 02:19:31PM +0200, joy wrote: On Sat, May 29, 2010 at 10:42:06AM +0200, Alan DeKok wrote: Even Apache reads the entire directory: ... # Include the virtual host configurations: Include /etc/apache2/sites-enabled/ ... So what's the solution? Why isn't

Re: Accounting to MySQL not working

2010-06-01 Thread Josip Rodin
On Sat, May 29, 2010 at 10:42:06AM +0200, Alan DeKok wrote: Even Apache reads the entire directory: ... # Include the virtual host configurations: Include /etc/apache2/sites-enabled/ ... So what's the solution? Why isn't this a problem for Apache, and is a problem here? It stands

Re: Checking ldap-group in post-auth instead of users file ?

2010-06-01 Thread Josip Rodin
On Tue, Jun 01, 2010 at 12:41:38PM +0200, Fred MAISON wrote: I have not been able to place something like this in the post-auth section of inner-tunnel ... if ( %{control:Ldap-Group} == wireless ) { noop } else {

Re: RADDB 2.1.7 and /etc/shadow

2010-05-28 Thread Josip Rodin
On Thu, May 27, 2010 at 01:51:44PM -0700, sbchem wrote: our internal listserv on radius frequently talks people off of freeradius solely because of the sarcastic and chip on the shoulder attitude of some of the developers. Quit being such a Mordac Alan, it scares the tourists and devalues the

Re: github wiki

2010-05-28 Thread Josip Rodin
On Thu, May 27, 2010 at 06:00:48PM +0200, Alan DeKok wrote: Thanks, but we already *have* a Wiki. I would really prefer to not add yet *another* location for documentation. Yes... the existing Wiki has a number of out-of-date pages. I will, annoyingly enough :) again use this as an

Re: rlm_perl version?

2010-05-26 Thread Josip Rodin
On Tue, May 25, 2010 at 11:04:00PM +0200, Jan Zacharias wrote: That did the trick, I just added #define HAVE_LT_DLADVISE_INIT to src/main/modules.c as Bj??rn suggested and now it works flaw-less-ly :) Alan, maybe it's time to enabled that bit by default :) -- 2. That which causes joy or

Re: check ldap users with different client IP's

2010-05-26 Thread Josip Rodin
On Wed, May 26, 2010 at 05:27:47PM +0800, Stephon Chen wrote: I've used freeradius as the front of a LDAP server. Here, I want to allow different access rights for each LDAP group client ip address For example below: user X in LDAP group A, from ip IP-A user Y in LDAP group B, from ip

Re: Authenticating groups via LDAP

2010-05-23 Thread Josip Rodin
On Sat, May 22, 2010 at 07:17:29PM +0100, Alan Buxey wrote: although some would say that's the package people talking - and that the issue is only present because of how package management tools etc work. surely the best way of RPM, APT etc leaving behind all their rubbish/old-files/new-files

Re: Authenticating groups via LDAP

2010-05-23 Thread Josip Rodin
On Sat, May 22, 2010 at 01:45:59PM -0400, John Dennis wrote: rather than renaming all the config files to have a common extension and only loading those files with extension the correct extension the preferred model would be to utilize enabled,available directories. The filenames would

Re: Authenticating groups via LDAP

2010-05-23 Thread Josip Rodin
On Sun, May 23, 2010 at 12:54:49PM +0200, Alan DeKok wrote: Josip Rodin wrote: IMHO just changing modules to the -enabled/-available scheme would be a good first step and it should be done first, in 2.1.10 or whenever. I'd say 2.2.0. And then move eap.conf sql.conf to raddb/modules

Re: Authenticating groups via LDAP

2010-05-22 Thread Josip Rodin
. That doesn't mean everything works, but at least that mystery is solved. I think Josip Rodin is maintaining the deb packages. If somehow the old config files are overriding the new config files in the deb packages then you and Josip might want to work out what the problem is, sounds like

Re: Authenticating groups via LDAP

2010-05-22 Thread Josip Rodin
On Sat, May 22, 2010 at 10:22:12AM -0400, John Dennis wrote: Alan I didn't see any open bugs on this, should we open one? Is this a planned modification for 2.2? I recall some discussion of this a while back on the mailing list. I suppose changing this is 2.1 would be a version

Re: certs files missing?

2010-05-20 Thread Josip Rodin
On Wed, May 19, 2010 at 01:25:56PM -0600, shirkavand wrote: $ cd /etc/raddb/certs $ make but in my freeradius installation the certs folder does not have any make file, so if I try to run above commands I get errors. In fact my installation does not have several files that the tutorial

Re: Active Directory, PEAP and random works....

2010-05-17 Thread Josip Rodin
On Sun, May 16, 2010 at 10:06:34PM +0100, Alan Buxey wrote: freeradius 2.0.4 samba 3.2.5 you want to run the latest SAMBA but are happy with older FR? FreeRADIUS 2.1.8 with SAMBA 3.0.37 should be a good combo. Or, he was simply using the versions of FreeRADIUS and Samba shipped with

Re: Pending release of 2.1.9

2010-05-13 Thread Josip Rodin
On Thu, May 13, 2010 at 06:52:28PM +0200, Johan Meiring wrote: After building I end up with various packages. freeradius-common freeradius-mysql etc When building previous versions (tried 2.1.7), the packages were different. freeradius(note - no -common) freeradius-mysql etc

Re: Freeradius privilege separation

2010-05-13 Thread Josip Rodin
On Thu, May 13, 2010 at 03:23:37PM +0200, Michał Dopierała wrote: It is possible in freeradius to have one user who has full privilege level to one equipment (one cisco router privilege lvl15), and limited privilege level to other equipment (other router with smaller privilege e.g. lvl10 which

Re: openssl

2010-05-05 Thread Josip Rodin
On Wed, May 05, 2010 at 04:43:37PM +0200, Alan DeKok wrote: John Dennis wrote: I have to agree with Josip that whenever possible users should be directed to install pre-built packages with the advice to build it yourself being dispensed only with great care. The Wiki could be updated

Re: openssl

2010-05-04 Thread Josip Rodin
On Tue, May 04, 2010 at 07:58:03PM +0100, Alan Buxey wrote: rlm_eap: No such sub-type for default EAP type peap yep - the default debian install doesn't have OpenSSL support. http://wiki.freeradius.org/Build#Building_Debian_packages No, only the default build of 2.1.8 from original source

Re: openssl

2010-05-04 Thread Josip Rodin
On Tue, May 04, 2010 at 09:39:30PM +0100, Alan Buxey wrote: 3.) Install the the main FreeRADIUS package from there, for example with: apt-get install -t lenny-backports freeradius alternatively, grab the source and build it yourself. the choice is yours. No, I think that is a false

Re: Is this Install Guide Complete?

2010-04-30 Thread Josip Rodin
On Thu, Apr 29, 2010 at 08:11:15PM +, Huckle Berry wrote: I added the lenny-backport repo and updated. I then ran $sudo apt-get install freeradius I cannot copy and paste the output because I'm sshing on my mobile but apt essentially reports that libltd13 (1.5.2-2+) is a dependency but it

Re: Libtool / autoconf is evil

2010-04-30 Thread Josip Rodin
On Fri, Apr 30, 2010 at 11:11:45AM +0200, Alan DeKok wrote: Josip Rodin wrote: Ah, karmic moved on from LTDL 3. Then you can try moving to the freeradius package in Debian squeeze which depends on libltdl7. They have magic undocumented interactions, new versions are *silently

Re: Is this Install Guide Complete?

2010-04-30 Thread Josip Rodin
On Fri, Apr 30, 2010 at 02:21:47PM -0400, Huckle Berry wrote: I replaced the apt source, ran apt-get update and let it rip. It updated the following: freeradius-common freeradius-utils libdb4.5 libfreeradius2 libltdl-dev libltdl7 libncursesw5 libperl-dev libperl5.10 libsqlite3-0

Re: Is this Install Guide Complete?

2010-04-30 Thread Josip Rodin
On Fri, Apr 30, 2010 at 05:02:48PM -0400, Huckle Berry wrote: Ah, but you got too much. Now you have Perl, Python, the SSL library and all those other things with a newer version than those in karmic. I don't see how having newer versions of perl/python could be an issue. As far as SSL is

Re: Is this Install Guide Complete?

2010-04-29 Thread Josip Rodin
On Thu, Apr 29, 2010 at 07:55:25AM +0200, Alan DeKok wrote: Huckle Berry wrote: I have a server that is running a relatively clean install of Ubuntu 9.10 Server. Due to the known licensing issue restrictions I cannot simply use the debian freeradius package. This was fixed in 2.1.8.

Re: Is this Install Guide Complete?

2010-04-29 Thread Josip Rodin
On Thu, Apr 29, 2010 at 02:07:50PM -0400, Huckle Berry wrote: I have a server that is running a relatively clean install of Ubuntu 9.10 Server. Due to the known licensing issue restrictions I cannot simply use the debian freeradius package. This was fixed in 2.1.8. As of

Re: Problem building on Debian 5.0.4 / 2.6.24-etchnhalf.1-686

2010-04-28 Thread Josip Rodin
On Wed, Apr 28, 2010 at 09:43:50AM +0100, Tim Robinson wrote: I am having problems building FR 2.1.8 on Debian 5.0.4 $ tar zxf freeradius-server-2.X.Y.tar.gz Any ideas please? I have googled for days on this In all your googling you managed to miss the simple fact that you don't actually

Re: Freeradius against NAS Cisco 7206-VXR

2010-04-26 Thread Josip Rodin
On Mon, Apr 26, 2010 at 03:44:50PM -0300, Wagner Pereira wrote: Is there a How-To explaining how to implement Radius in this NAS? The IOS version is 12.2 What exactly do you need explained, that isn't in Cisco documentation? -- 2. That which causes joy or happiness.

Re: Zombie Infestation of Log file

2010-04-22 Thread Josip Rodin
On Wed, Apr 21, 2010 at 05:47:43PM +0200, Alan DeKok wrote: Without status_check, you rely on the timeouts - revive_interval and zombie_period. Which is much worse than status checks. But, if you're talking to FR 1.1.7, that should be able to make it respond negatively to a single

Re: PopTop

2010-04-21 Thread Josip Rodin
On Tue, Apr 20, 2010 at 03:49:59PM -0500, Jonathan Hutchins wrote: I really appreciate the help and patience: On Tuesday 20 April 2010 03:38:53 pm Alan Buxey wrote: see your logs, it says ++[unix] returns notfound [files] users: Matched entry DEFAULT at line 172 That worries me a

Re: PopTop

2010-04-21 Thread Josip Rodin
On Tue, Apr 20, 2010 at 12:27:18PM -0500, Jonathan Hutchins wrote: Progress, of a sort! In addition to the instructions in the PopTop doc, I have enabled ntdomain on lines 119 and 345 of /etc/freeradius/sites-enabled/default, and I have enabled nt_domainhack on line 37 of

Re: Zombie Infestation of Log file

2010-04-21 Thread Josip Rodin
On Tue, Apr 20, 2010 at 10:59:04PM -0800, Benjamin Marvin wrote: The radius.log file for the primary servers show they are marking the 4th and Cisco (upstream) servers as zombie quite regularly (but not simultaneously); I've set the response_window to as high as 60 seconds in the

Re: No Auth in Debian Lenny

2010-04-20 Thread Josip Rodin
On Mon, Apr 19, 2010 at 05:10:09PM -0500, Jonathan Hutchins wrote: On Monday 19 April 2010 04:33:25 pm Josip Rodin wrote: The suffix module didn't recognize \ as a delimiter. You probably need to tell it explicitly to do that. To add your own module instance, just add a new file in /etc

Re: No Auth in Debian Lenny

2010-04-19 Thread Josip Rodin
On Mon, Apr 19, 2010 at 02:55:21PM -0500, Jonathan Hutchins wrote: I enabled the default site example from sites-available, now I'm back to seeing errors trying to parse the realm or NT domain from DOMAIN\\user. Log attached. Really appreciate the help with this. You don't need to tar

Re: No Auth in Debian Lenny

2010-04-18 Thread Josip Rodin
On Sat, Apr 17, 2010 at 11:14:59AM -0500, Jonathan Hutchins wrote: On Saturday 17 April 2010 01:51:22 am Alan DeKok wrote: Post the debug log, as suggested in the FAQ, README, INSTALL, man page, and daily on this list. Attached. Are there any issues with freeradius and samba's

Re: cannot get core dump of crashing freeradius

2010-04-18 Thread Josip Rodin
On Fri, Apr 16, 2010 at 12:05:38PM +0200, Alan DeKok wrote: Jakob Hirsch wrote: Anyways, I really want to find out what's going wrong, so I wanted to get core dumps of these crashes. Only that I just don't get them. So what's missing? The only indication of the crash is this line in

Re: Ancient Freeradius Problem

2010-02-12 Thread Josip Rodin
On Fri, Feb 12, 2010 at 06:42:02PM +0700, Teguh Kurniawan wrote: But I've got another problem, my testing is rejected. What should I do ? cfg.c, line 175: no permission for configfile Exec-Program output: Exec-Program: returned: 1 Delaying request 0 for 1 seconds Finished request 0 You're

Re: Error: [sql] database query error

2010-02-11 Thread Josip Rodin
On Thu, Feb 11, 2010 at 11:56:45AM +0700, Fajar A. Nugraha wrote: On Thu, Feb 11, 2010 at 11:25 AM, Teguh Kurniawan teguhkurniawanwij...@gmail.com wrote: Table 'radius.radusergroup' doesn't exist Do you have that table? Perhaps it's a case of not importing the database schema found in

Re: freeradius install error

2010-02-02 Thread Josip Rodin
On Mon, Feb 01, 2010 at 05:19:34PM +0100, Alan DeKok wrote: If you've installed a Debian package, read the Wiki for how to install a debian package with OpenSSL. Hm, http://wiki.freeradius.org/Build#Building_Debian_packages needs to be updated to tell people to run 'dpkg-buildpackage

Re: Setting up FreeRADIUS 2.0.4 with OpenLDAP backend to do wireless auth

2010-01-28 Thread Josip Rodin
On Thu, Jan 28, 2010 at 06:46:12PM +0100, Jonathan Amiez wrote: In debian, certs are linked from the snakeoil openSSL certs. So I removed the links, got the FR sources and copy the raddb/certs contents into /etc/freeradius/certs. Then I ran make to generate new certs, but the problem's still

Re: Major noob question about freeradius

2010-01-18 Thread Josip Rodin
On Mon, Jan 18, 2010 at 11:51:28AM -0700, Bryan Boone wrote: I have a small network of about 10 windows XP machines. I need to set these machines up so that my users can log into any of these machines. I was told that a Radius server could accomplish the same thing for me. Is this true?

Re: freeradius 2.1.8 : No authenticate method (Auth-Type) configuration found for the request: Rejecting the user

2010-01-15 Thread Josip Rodin
On Fri, Jan 15, 2010 at 08:55:24AM -0800, piston wrote: I don't even know how I managed to delete all virtual server, managed to solve the problem by copy back entire freeradius folder under /etc/ upgrade from 2.1.6 2.1.7 2.1.8 prerelease was very smooth without problem, basically I just

Re: radiusd -X On First Boot

2010-01-05 Thread Josip Rodin
On Tue, Jan 05, 2010 at 03:37:25PM -0500, John Dennis wrote: I am running RHEL 5.3 and FreeRADIUS Version 2.1.8. When I install freeradius and attempt to start it for the first time using the /etc/init.d/radiusd start script it always fails (only right after freeradius is installed), once i

Re: FreeRADIUS Server version 2.1.8 problem with Debian 5 64bit

2009-12-31 Thread Josip Rodin
On Thu, Dec 31, 2009 at 08:43:06AM -0800, piston wrote: Trying to compile at my Debian 5 64bit server but fail. dpkg-checkbuilddeps: Unmet build dependencies: quilt dpkg-buildpackage: warning: Build dependencies/conflicts unsatisfied; aborting. So what exact issue do you have with simply

Re: RADIUS 2.x - modules not loaded correctly

2009-12-21 Thread Josip Rodin
On Tue, Dec 15, 2009 at 09:03:33AM +0100, Alan DeKok wrote: Axel Vogel wrote: Please look at the configuration of virtual hosts in apache2. The httpd.conf includes only files with a well defined suffix vhosts.d/*.conf Sure. Send a patch. I was thinking we should use the

Re: RADIUS 2.x - modules not loaded correctly

2009-12-21 Thread Josip Rodin
On Mon, Dec 21, 2009 at 03:39:24PM +, Alan Buxey wrote: that makes the modules go into modules-available - but then you need to create the modules-enabled directory and put links into there... by default the server needs at least a handful of the modules to be present for its default

Re: radiusd -X

2009-12-15 Thread Josip Rodin
On Tue, Dec 15, 2009 at 01:49:35PM +0530, kachin Agarwal wrote: I have a doubt. If the entire authentication ends in milliseconds then how can it wait for about 4.9 seconds in each handshake.??? It's not relevant, read the two lines above that say: Finished request 0. Going to the next

Re: Accounting question

2009-12-15 Thread Josip Rodin
On Tue, Dec 15, 2009 at 01:10:20PM -0500, David Peterson wrote: What I am not understanding at this point is how the authentication works with the username hashed or using hex stuff but the accounting doesn't. You can see on this debug that the username looks the same when its authenticated

Re: Duplicate SQL queries

2009-12-14 Thread Josip Rodin
On Mon, Dec 14, 2009 at 09:04:11AM +, Santiago Balaguer García wrote: It is a long time since I work with FR and hotspots. I am using a Postgres database, but I want to move to a ORACLE database. To keep the consistency and the service I want to run simultaneously both databases,

Re: Pre-release of Version 2.1.8

2009-12-09 Thread Josip Rodin
On Wed, Dec 09, 2009 at 07:50:05AM +0100, Alan DeKok wrote: Then the home servers are *extremely* slow. Sending 300 packets over the course of a second or two wouldn't overload a 486. AFAIK they are not 486s :) but we're still investigating what made them so. Can any conclusions be drawn
