(RADIATOR) RE: LDAP and NT
Hi Wilbert,
This is very puzzling to us. We have not seen it before, and we are unsure what
the right way to deal with it.
Can you tell us exactly what whitespace characters are trailing your fields,
and how you loaded the data in to the LDAP server? Are you sure that the data
in the LDAP server does not have trailing whitespace?
Thanks for reporting this. I hope we will be able to get to the bottom of it
soon.
Cheers.
On Jul 30, 9:03am, Wilbert de Graaf wrote:
Subject:
We have Radiator running on both Linux and NT, and authenticate against the
Microsoft LDAP server, using the AuthbyLDAP clause. With Radiator on Linux,
everything was okay but when we tried it on NT, every authentication request
was rejected.
When I looked into the logfile, I noticed there was an extra whitespace at
the end of every value. I tried to use AuthbyLDAP2 instead, but the same there.
When I changed AuthLDAP.pm on NT a little bit it worked, but this is not a
general solution. The code was something like:
#file "AuthLDAP.pm"
sub finduser {
#...
if ($ent) {
#...
for (...) {
my @vals = ldap_get_values($self-{ld}, $ent, $ber);
chop @vals;
}
}
}
The only thing I added was the "chop @vals;". This is okay on NT, but wrong
on Linux.
- Wilbert
[ Attachment (text/x-html): ".prt3322Cfcbbb" 3019 bytes
Character set: iso-8859-1
Encoded with "quoted-printable" ]
-- End of excerpt from Wilbert de Graaf
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: FW: (RADIATOR) Disallow EMail Only accounts from logging in using Radiator wAuthByPLATYPUS
Hi Kurt, I cant think of an easy way to do this except to alter the SQL select statment in AuthEMERALD.pm so that it checks the rate too. Hope that helps. Cheers. On Jul 28, 3:17am, Kurt Richter wrote: Subject: FW: (RADIATOR) Disallow EMail Only accounts from logging in using -Original Message- From: Kurt Richter [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 27, 1999 10:07 PM To: 'Hugh Irvine' Subject: RE: (RADIATOR) Disallow EMail Only accounts from logging in using Radiator wAuthByPLATYPUS -Original Message- From: Hugh Irvine [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 27, 1999 9:52 PM To: Kurt Richter; [EMAIL PROTECTED] Subject: Re: (RADIATOR) Disallow EMail Only accounts from logging in using Radiator wAuthByPLATYPUS At 6:32 AM 27/7/99, Kurt Richter wrote: I've got Radiator authenticating using Platypus. It's a nice system. I've enjoyed learning how to work with it. But before I can put Radiator on my production unit, I'd like to know if anybody else has figured out a slick way to prevent EMail only accounts from authenticating using this Platypus set-up. I'm not sure how you would like this to work - could you provide more details please? If you are trying to have two different classes of users in the same Radiator setup, many people set up two IP address pools on their NAS equipment (with corresponding filters) and have the two classes of users allocated from the two pools. hth Hugh Actually, We want to totally prevent email only accounts from authenticating at all. We want the parent account to be the only one that will authenticate. The only difference in Platypus between the accounts, is the Rate Group for each. We have 3 rate groups the should not authenticate because they are free email only accounts. Is there anyway to make the Platypus rate group a check item for authentication? Kurt Richter -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- End of excerpt from Kurt Richter -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) radiator on oracle
Hi Dennis - On Mon, 02 Aug 1999, Dennis G. Villanueva wrote: hi hugh; i was able to read this document before sending you an email. i was able use this when i installed oracle on both systems. does this mean i have to install oracle software on every radius server that we will be roling-out? You will only need the Oracle client software on the Radius hosts, not the whole database server. -- || | oracle server | || --- - | | | | | radius | | radius | | | | | --- - in this figure do i really have to install oracle on the two radius servers? if not, how am i going to install the perl support for DBD:Oracle without installing oracle? hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) RE: LDAP and NT
Mike,
I'm for sure I don't have an extra
character in de the LDAP directory. But I also figured that it isn't Radiator
but the LDAP modules themselves.
If I print ord(chop($value)) it says 0, and
if I print length($value) is is always 1 more than I had in mind. If I run this
same script on Unix, I don't see this '\0' and also length is correct. So the
problem is in perl-ldap instead. I will mail this to Graham Barr.
- Wilbert
-Original Message-From:
Mike McCauley [EMAIL PROTECTED]To:
Wilbert de Graaf [EMAIL PROTECTED]; [EMAIL PROTECTED] [EMAIL PROTECTED]Date:
maandag 2 augustus 1999 9:33Subject: (RADIATOR) RE: LDAP and
NTHi Wilbert,This is very puzzling to us. We
have not seen it before, and we are unsure whatthe right way to deal
with it.Can you tell us exactly what whitespace characters are
trailing your fields,and how you loaded the data in to the LDAP server?
Are you sure that the datain the LDAP server does not have trailing
whitespace?Thanks for reporting this. I hope we will be able to get
to the bottom of itsoon.Cheers.On Jul 30,
9:03am, Wilbert de Graaf wrote: Subject: We
have Radiator running on both Linux and NT, and authenticate against
theMicrosoft LDAP server, using the AuthbyLDAP clause. With Radiator on
Linux,everything was okay but when we tried it on NT, every
authentication requestwas rejected. When I looked into the
logfile, I noticed there was an extra whitespace atthe end of every
value. I tried to use AuthbyLDAP2 instead, but the same there.When I
changed AuthLDAP.pm on NT a little bit it worked, but this is not
ageneral solution. The code was something like: #file
AuthLDAP.pm sub finduser
{ #... if
($ent) {
#... for (...)
{
my @vals = ldap_get_values($self-{ld}, $ent,
$ber);
chop @vals;
} } } The only thing
I added was the chop @vals;. This is okay on NT, but wrongon
Linux. - Wilbert [ Attachment
(text/x-html): .prt3322Cfcbbb 3019 bytes
Character set: iso-8859-1 Encoded with
quoted-printable ]-- End of excerpt from Wilbert de
Graaf-- Mike
McCauley
[EMAIL PROTECTED]Open System
Consultants Pty.
Ltd Unix,
Perl, Motif, C++, WWW24 Bateman St Hampton, VIC 3188
Australia http://www.open.com.auPhone +61 3
9598-0985
Fax +61 3 9598-0955Radiator: the most portable, flexible
and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP,
NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external,
etc etc on Unix, Win95/8, NT, Rhapsody===Archive at http://www.thesite.com.au/~radiator/To
unsubscribe, email '[EMAIL PROTECTED]'
with'unsubscribe radiator' in the body of the
message.
(RADIATOR) Authenticating From Radmin
I've now got Radmin installed and I'm very pleased with the user interface and
capabilities. Now I'm trying to get my radius.cfg setup to allow
authentication of a test user and still allowing fallback to authenticating
from the shadow password file for my existing customers. I've attached my
radius.cfg file and the trace logfile output. When I ran the attached config
none of my existing customers could login.
Can anyone tell me how to correct this problem?
Regards. Paul
# livingCompat.cfg
#
# This is a simple Radiator config file that allows you
# to continue using a bog standard Livingston or
# similar users file with Radiator, It implements the
# Auth-Type="System" check item by using AuthBy UNIX
#
# You will probably want to change the definitions of
# DbDir, LogDir and the Filename parameters
#
# Author: Mike McCauley ([EMAIL PROTECTED])
# Copyright (C) 1997 Open System Consultants
# $Id: livingCompat.cfg,v 1.3 1999/07/12 02:01:35 mikem Exp $
#Foreground
#LogStdout
Trace 4
DbDir /etc/raddb
LogDir /var/log/radacct
DictionaryFile /etc/raddb/dictionary
# This clause defines a single client to listen to
# You will probably want to change localhost and mysecret
# to suit your site.
Client xenon
Secret XXX
/Client
Client dm1
Secret XXX
/Client
Client pm1
Secret XXX
/Client
# This clause means we will handle any real that arrives
Realm DEFAULT
AuthBy RADMIN
# Change DBSource, DBUsername, DBAuth for your database
# See the reference manual. You will also have to
# change the one in SessionDatabse SQL below
# so its the same
DBSourcedbi:mysql:radmin
DBUsername radmin
DBAuth XXX
# You can add to or change these if you want, but you
# will probably want to change the databse schema first
AccountingTable RADUSAGE
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef DNIS,Called-Station-Id
#
# This updates the time and octets left for this user
#
AcctSQLStatement update RADUSERS set
TIMELEFT=TIMELEFT-0%{Acct-Session-Time},
OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets},
OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n'
#
# These are the classic things to add to each users
# reply to allow a PPP dialup session. It may be
# different for your NAS. This will add some
# reply items to everyone's reply
#
AddToReply Framed-Protocol = PPP,\
Framed-IP-Netmask = 255.255.255.255,\
Framed-Routing = None,\
Framed-MTU = 1500,\
Framed-Compression = Van-Jacobson-TCP-IP
/AuthBy
AuthBy FILE
Filename /etc/raddb/users
/AuthBy
# Log accounting to the detail file in LogDir
AcctLogFileName /var/log/radacct/dm1/detail
/Realm
# This clause defines an authorisation method that will be used
# by any users in the database with Auth-Type="System". It will
# match the "Identifier System"
AuthBy UNIX
Identifier System
Filename /etc/shadow
/AuthBy
# livingCompat.cfg
#
# This is a simple Radiator config file that allows you
# to continue using a bog standard Livingston or
# similar users file with Radiator, It implements the
# Auth-Type="System" check item by using AuthBy UNIX
#
# You will probably want to change the definitions of
# DbDir, LogDir and the Filename parameters
#
# Author: Mike McCauley ([EMAIL PROTECTED])
# Copyright (C) 1997 Open System Consultants
# $Id: livingCompat.cfg,v 1.3 1999/07/12 02:01:35 mikem Exp $
#Foreground
#LogStdout
Trace 4
DbDir /etc/raddb
LogDir /var/log/radacct
DictionaryFile /etc/raddb/dictionary
# This clause defines a single client to listen to
# You will probably want to change localhost and mysecret
# to suit your site.
Re: (RADIATOR) RE: LDAP and NT
Hi Wilbert.
On Aug 2, 12:01pm, Wilbert de Graaf wrote:
Subject: Re: (RADIATOR) RE: LDAP and NT
Mike,
I'm for sure I don't have an extra character in de the LDAP directory. But I
also figured that it isn't Radiator but the LDAP modules themselves.
If I print ord(chop($value)) it says 0, and if I print length($value) is is
always 1 more than I had in mind. If I run this same script on Unix, I don't
see this '\0' and also length is correct. So the problem is in perl-ldap
instead. I will mail this to Graham Barr.
So, a bogus NUL on the end, hey?
If you can't get any luck from Graham, we could issue a patch that strips any
trailing NULs. I would rather not, but if needed.
Cheers.
- Wilbert
-Original Message-
From: Mike McCauley [EMAIL PROTECTED]
To: Wilbert de Graaf [EMAIL PROTECTED]; [EMAIL PROTECTED]
[EMAIL PROTECTED]
Date: maandag 2 augustus 1999 9:33
Subject: (RADIATOR) RE: LDAP and NT
Hi Wilbert,
This is very puzzling to us. We have not seen it before, and we are
unsure what
the right way to deal with it.
Can you tell us exactly what whitespace characters are trailing your
fields,
and how you loaded the data in to the LDAP server? Are you sure that the
data
in the LDAP server does not have trailing whitespace?
Thanks for reporting this. I hope we will be able to get to the bottom of
it
soon.
Cheers.
On Jul 30, 9:03am, Wilbert de Graaf wrote:
Subject:
We have Radiator running on both Linux and NT, and authenticate against
the
Microsoft LDAP server, using the AuthbyLDAP clause. With Radiator on
Linux,
everything was okay but when we tried it on NT, every authentication
request
was rejected.
When I looked into the logfile, I noticed there was an extra whitespace
at
the end of every value. I tried to use AuthbyLDAP2 instead, but the same
there.
When I changed AuthLDAP.pm on NT a little bit it worked, but this is not
a
general solution. The code was something like:
#file "AuthLDAP.pm"
sub finduser {
#...
if ($ent) {
#...
for (...) {
my @vals = ldap_get_values($self-{ld}, $ent, $ber);
chop @vals;
}
}
}
The only thing I added was the "chop @vals;". This is okay on NT, but
wrong
on Linux.
- Wilbert
[ Attachment (text/x-html): ".prt3322Cfcbbb" 3019 bytes
Character set: iso-8859-1
Encoded with "quoted-printable" ]
-- End of excerpt from Wilbert de Graaf
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
[ Attachment (text/x-html): 5598 bytes
Character set: iso-8859-1
Encoded with "quoted-printable" ]
-- End of excerpt from Wilbert de Graaf
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Authenticating From Radmin
On Aug 2, 9:43am, Paul Black wrote:
Subject: (RADIATOR) Authenticating From Radmin
I've now got Radmin installed and I'm very pleased with the user interface
and
capabilities. Now I'm trying to get my radius.cfg setup to allow
authentication of a test user and still allowing fallback to authenticating
from the shadow password file for my existing customers. I've attached my
radius.cfg file and the trace logfile output. When I ran the attached config
none of my existing customers could login.
Can anyone tell me how to correct this problem?
You would set up an AuthBy RADMIN followed by an AuthBy UNIX. The AuthByPolicy
would be ContinueWhileReject. Therefore Radiator will first try RADMIN. If that
fails it wil try your shadow file. Acounting will always go to RADMIN:
Realm whatever
AuthByPolicy ContinueWhileReject
AuthBy RADMIN
# As you have it now
/AuthBy
# Fall through to here if rejected by RADMIN
AuthBy UNIX
Filename /etc/shadow
/AuthBy
/Realm
In fact, the only change from the config you sent is the AuthByPolicy, I think
Hope that helps.
Cheers.
Regards. Paul
[ text/plain ] :
# livingCompat.cfg
#
# This is a simple Radiator config file that allows you
# to continue using a bog standard Livingston or
# similar users file with Radiator, It implements the
# Auth-Type="System" check item by using AuthBy UNIX
#
# You will probably want to change the definitions of
# DbDir, LogDir and the Filename parameters
#
# Author: Mike McCauley ([EMAIL PROTECTED])
# Copyright (C) 1997 Open System Consultants
# $Id: livingCompat.cfg,v 1.3 1999/07/12 02:01:35 mikem Exp $
#Foreground
#LogStdout
Trace 4
DbDir /etc/raddb
LogDir/var/log/radacct
DictionaryFile /etc/raddb/dictionary
# This clause defines a single client to listen to
# You will probably want to change localhost and mysecret
# to suit your site.
Client xenon
Secret XXX
/Client
Client dm1
Secret XXX
/Client
Client pm1
Secret XXX
/Client
# This clause means we will handle any real that arrives
Realm DEFAULT
AuthBy RADMIN
# Change DBSource, DBUsername, DBAuth for your database
# See the reference manual. You will also have to
# change the one in SessionDatabse SQL below
# so its the same
DBSourcedbi:mysql:radmin
DBUsername radmin
DBAuth XXX
# You can add to or change these if you want, but you
# will probably want to change the databse schema first
AccountingTable RADUSAGE
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef DNIS,Called-Station-Id
#
# This updates the time and octets left for this user
#
AcctSQLStatement update RADUSERS set
TIMELEFT=TIMELEFT-0%{Acct-Session-Time},
OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets},
OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n'
#
# These are the classic things to add to each users
# reply to allow a PPP dialup session. It may be
# different for your NAS. This will add some
# reply items to everyone's reply
#
AddToReply Framed-Protocol = PPP,\
Framed-IP-Netmask = 255.255.255.255,\
Framed-Routing = None,\
Framed-MTU = 1500,\
Framed-Compression = Van-Jacobson-TCP-IP
/AuthBy
AuthBy FILE
Filename /etc/raddb/users
/AuthBy
# Log accounting to the detail file in LogDir
AcctLogFileName /var/log/radacct/dm1/detail
/Realm
# This clause defines an authorisation method that will be used
# by any users in the database with Auth-Type="System". It will
# match the "Identifier System"
AuthBy UNIX
Identifier System
Filename /etc/shadow
/AuthBy
[ text/plain ] :
# livingCompat.cfg
#
# This
(RADIATOR) PHP+Mysql+Radiator
Hi, I'm in the process of writing a custom web interface for radiator+mysql. I'm pretty much done but I have a couple questions. With so many people using the database and authentication happening at the same time...should I lock the database while someome is writing to it? Matthew Chambers NOC Manager The PressRoom Online Services p:703.631.5755 x3001 f:703.818.1277 The box said "Windows 95 or better." So, I installed Linux. === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) PHP+Mysql+Radiator
On 02-Aug-99 Matt Chambers wrote: With so many people using the database and authentication happening at the same time...should I lock the database while someome is writing to it? no worries, mysql does internal locking :) Ricardo. --- -- E-Mail: Ricardo Kustner [EMAIL PROTECTED] Date: 02-Aug-99 Time: 17:03:52 This message was sent by XFMail -- === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Radmin Up And Running
Mike, I now have Radmin up and running with customers being authenticated from the mysql database. I am quite impressed. There are a couple of things which would be good for you to change though: Where user connection times are displayed, currently they are in seconds. It would be more useful if they were displayed in a HH:MM:SS format. Where inbound and outbound traffic is displayed, currently it is in bytes. It would be better if it were displayed in a format of MB's with three decimal digits, ie 124.123 MB is much easier for me to read than 124123876 bytes. On the add user window, a field of user group is needed, this would be analogous to the Unix group and would then allow me to later make user group policy decisions in Radiator, ie email a warning after a certain amount of usage, disallow access after a larger amount of usage, a different policy for Trial logins and so on. Let me know your thoughts on the above. Regards. Paul === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Radmin Up And Running
On Mon, 2 Aug 1999, Paul Black wrote: Mike, I now have Radmin up and running with customers being authenticated from the mysql database. I am quite impressed. There are a couple of things which would be good for you to change though: Where user connection times are displayed, currently they are in seconds. It would be more useful if they were displayed in a HH:MM:SS format. Where inbound and outbound traffic is displayed, currently it is in bytes. It would be better if it were displayed in a format of MB's with three decimal digits, ie 124.123 MB is much easier for me to read than 124123876 bytes. Maybe make this a user-configurable item, ala printf-type formatting strings? Just a thought. -- Devin L. Ganger, Chief Systems Administrator, Premier1 Internet Services "Fear leads to anger. Anger leads to hate. Hate leads to using Windows NT for mission-critical applications." -- What Yoda *meant* to say === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) erpcd
I have erpcd running on a Bay4000 (Xylogics) remote annex. When configured to log with radius I get frequent occurrences of: normal stuff Acct-Status-Type = Stopetc Called-Station-Id = "1322142551911762122551912152551916234163714821225519115923108176212255191"etc Class="21225519148882122551912141861181522122551918212255191etc Acct-Session-Time = 0 Acct-Input-Packets = 1379 Acct-Output-Packets = 1549 etc What is all that "132214255191 stuff and why is Acct-Session-Time = 0 Is erpcd on this device really capable of radius logging? David Booth Goulburn Internet
(RADIATOR) Timestamp and mySQL datetime
I collect stop records and insert into a mySQL table. I want a column for intime (type datetime) that should be: intime = Timestamp - Acct-Session-TimeI'm using a temp table for the radius log and a mySQL INSERT to my table because when I try to insert with the calculation I get a lot of zero or empty entries. Anyone have any experience with this kind of calculation? David Booth Goulburn Internet
Re: (RADIATOR) Timestamp and mySQL datetime
On Tue, 3 Aug 1999, David Booth wrote: I collect stop records and insert into a mySQL table. I want a column for intime (type datetime) that should be: intime = Timestamp - Acct-Session-Time I'm using a temp table for the radius log and a mySQL INSERT to my table because when I try to insert with the calculation I get a lot of zero or empty entries. Anyone have any experience with this kind of calculation? I just store the stop_time and the call_duration in our sql table; storing the start_time as well would be redundant. Rather than performing the calculation at insert time, I just calculate it at query time if I need it. === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Max. Authentication Sessions
Dear Gentilmen
I'm having a problem with radiator, sometimes he stops answering to
authentication requests and I have to stop and start the service (sometimes more
then once) for radiator to start working again.
I have something around 120 phone lines that users use to connect to the
internet at my ISP and all incoming access requestsare passing through
Radiator for authentication. Does someone know of a maximum limite of request
radiator can handle at a time. Is there a work-around this. I have
radiatorinstalled on a Windows NT 4.0 Server running SP5.
And bellow is my config file:
§
ForegroundLogStdoutTrace
4LogDir
c:\radiator\malbanet\logLogFile
%L\%Y%m%d.logDbDir
c:\radiatorDictionaryFile %D\dictionary.nt
Client x.x.x.xSecret mysecret
/ClientClient x.x.x.xSecret
myseret/ClientClient x.x.x.xSecret
mysecret/Client
Realm
DEFAULTRewriteUsernametr/[A-Z]/[a-z]/AuthByPolicy
ContinueUntilAccept
AuthBy SQLAuthSelectDBSource
dbi:ODBC:AcessosAccountingTable ConexAcctColumnDef
SessionID,Acct-Session-IdAcctColumnDef
TIME_STAMP,Timestamp,integerAcctColumnDef
StatusType,Acct-Status-TypeAcctColumnDef
UserName,User-NameAcctColumnDef
SessionTime,Acct-Session-Time,integerAcctColumnDef
InPackets,Acct-Input-PacketsAcctColumnDef
OutPackets,Acct-Output-PacketsAcctColumnDef
FoneID,Calling-Station-IdAcctColumnDef
IpAddress,Framed-IP-AddressAcctColumnDef
TIME_STAMP,Timestamp,formatted-date,('%e %m %Y
%H:%M:%S')/AuthBy
AuthBy FILEFilename
%D/userxDefaultSimultaneousUse 5/AuthBy
#AuthBy FILE#Filename
%D/usery#DefaultSimultaneousUse 1#/AuthBy
AuthBy NTIdentifier
nt/AuthBy
# 1 Log accounting to the detail file in
LogDirAcctLogFileName %L\%Y%m.act
# 2 Log accounting to the detail file in
LogDirAcctLogFileName %L\%Y%m%d.act
/Realm
§
Thanx for Reading
Best Regards
Michael GattiMalbanet Serviços Online[EMAIL PROTECTED] \ [EMAIL PROTECTED]
Re: (RADIATOR) Max. Authentication Sessions
Hello Michael -
On Tue, 03 Aug 1999, Michael Gatti wrote:
%_Dear Gentilmen
I'm having a problem with radiator, sometimes he stops answering to authentication
requests and I have to stop and start the service (sometimes more then once) for
radiator to start working again.
I have something around 120 phone lines that users use to connect to the internet at
my ISP and all incoming access requests are passing through Radiator for
authentication. Does someone know of a maximum limite of request radiator can handle
at a time. Is there a work-around this. I have radiator installed on a Windows NT 4.0
Server running SP5.
And bellow is my config file:
Your configuration file looks fine. It doesn't sound to me like there is a
problem with Radiator itself - rather something else is causing the problem.
Could you please send us a debug output at Trace level 4 showing what is
happening when things stop working? Things I can think of include disk space,
SQL problems, or operating system difficulties.
thanks
Hugh
§
Foreground
LogStdout
Trace 4
LogDir c:\radiator\malbanet\log
LogFile %L\%Y%m%d.log
DbDir c:\radiator
DictionaryFile %D\dictionary.nt
Client x.x.x.x
Secret mysecret
/Client
Client x.x.x.x
Secret myseret
/Client
Client x.x.x.x
Secret mysecret
/Client
Realm DEFAULT
RewriteUsername tr/[A-Z]/[a-z]/
AuthByPolicy ContinueUntilAccept
AuthBy SQL
AuthSelect
DBSource dbi:ODBC:Acessos
AccountingTable Conex
AcctColumnDef SessionID,Acct-Session-Id
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef StatusType,Acct-Status-Type
AcctColumnDef UserName,User-Name
AcctColumnDef SessionTime,Acct-Session-Time,integer
AcctColumnDef InPackets,Acct-Input-Packets
AcctColumnDef OutPackets,Acct-Output-Packets
AcctColumnDef FoneID,Calling-Station-Id
AcctColumnDef IpAddress,Framed-IP-Address
AcctColumnDef TIME_STAMP,Timestamp,formatted-date,('%e %m %Y %H:%M:%S')
/AuthBy
AuthBy FILE
Filename %D/userx
DefaultSimultaneousUse 5
/AuthBy
# AuthBy FILE
# Filename %D/usery
# DefaultSimultaneousUse 1
# /AuthBy
AuthBy NT
Identifier nt
/AuthBy
# 1 Log accounting to the detail file in LogDir
AcctLogFileName %L\%Y%m.act
# 2 Log accounting to the detail file in LogDir
AcctLogFileName %L\%Y%m%d.act
/Realm
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
