Hello Charles -
On Thu, 20 Jul 2000, Charles Sprickman wrote:
> Hi,
>
> Our adduser script periodically formats (removes certain GIDs/UIDs) then
> copies and chowns master.passwd for radiator. So far, we've had no
> problems with this until today. At exactly the time of file creation,
> radia
> As per my previous mail, I don't think what you are proposing is really what
> you want to do.
> Third - introducing an intermediate state of 1 causes a race condition which
> will undoubtedly create duplicate addresses, as there is a timing window
> between the Access-Accept and the Accounting
>
> BTW - SQL databases are *much* better for managing user populations.
>
And the next quantum leap in this particular area is called Directory, with an LDAP
interface.
:-)
Ingvar
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EM
Hello William -
Thanks for sending the log file.
The log shows that the user is indeed being rejected by the first AuthBy
clause, but your configuration file has an AuthByPolicy of ContinueUntilAccept,
so it goes on to the next AuthBy clause which then accepts the user. Radiator
is doing exactl
Hello Mark -
On Thu, 20 Jul 2000, Orcon Network Coordinator, Mark Mackay wrote:
> > As per my previous mail, I don't think what you are proposing is really what
> > you want to do.
>
> > Third - introducing an intermediate state of 1 causes a race condition which
> > will undoubtedly create dup
We have a problem regarding simultaneous logins.
One of our users did the following:
Logged in once using his normal username, eg. "user"
..and then logged in successfuly using the same username with additional
trailing spaces: "user".
When radiator writes the accounting records to the SQL o
Hi Hugh,
I have configured the Radiator Radius successfully in AIX4.3.1 but it is
taking a lot of resources ( 80-90% of CPU by perl-radiator ). This causes
Radiator to stop responding to "Start" accounting packets though it
responds to the "Stop" accounting packets. I need to "kill -HUP
radiusd.pi
Hello
We finally have our Radiator radius server up and running and it seems to
work well. I have noticed, however, errors like this in the logfile:
INFO: Access rejected for : Check item Service-Type expression
'Framed-User' does not match '' in request
I am assuming that is because we have t
Hugh,
The AuthByPolicy of ContinueUntilAccept clause was in the radius.cfg file
from early attempts at setting up the cfg file. I have removed it.
We want to accomplish checking of simultaneous use across all of our NAS'S.
All of our users have an UNIX login entry in /etc/passwd|shadow. Our use
Hi,
Thanks to everyone who offered help with the simultaneous use
stuff. After throwing the question out to the general community, I
decided to see if I could find anything else out while I waited on a
response. I ran across the NasType setting. I changed it from
"Hiper" to "TotalC
On Thu, 20 Jul 2000, Hugh Irvine wrote:
> There must be a race condition between the modification time on the file
> changing and the actual contents of the file being available. I think I might
> add a line to your script to "touch" the file after the processing is
> completed. This will ensure
On Thu, 20 Jul 2000, Hugh Irvine wrote:
> A better approach to maintaining session database coherency is to use
> strict checking of the NAS. This is what the NasType parameter is used
> for in the Client clauses (see section 6.4.5 in the Radiator 2.16.1
> reference manual). Note that there is a
On Thu, 20 Jul 2000, Nikos Aslanakis wrote:
> We have a problem regarding simultaneous logins. One of our users did
> the following:
>
> Logged in once using his normal username, eg. "user" ..and then logged
> in successfuly using the same username with additional trailing
> spaces: "user "(
On Thu, 20 Jul 2000, Charles Sprickman wrote:
> What about locking? I was considering just holding a lock on the file
> until I've finished writing it... Would that also accomplish the same
> thing?
As far as I'm aware, Radiator does *not* support locking at all. We had
to modify ours to 'flo
Hello Dave -
On Fri, 21 Jul 2000, David Lloyd wrote:
> On Thu, 20 Jul 2000, Charles Sprickman wrote:
>
> > What about locking? I was considering just holding a lock on the file
> > until I've finished writing it... Would that also accomplish the same
> > thing?
>
> As far as I'm aware, Radia
Hello again Mark -
Further to this post from yesterday, I was thinking some more about the
discussions Mike and I had while doing this address allocation feature and what
we decided was this: Because radius is based on UDP and because packets can and
will go missing, there is no way to determine
Hello Charles -
On Fri, 21 Jul 2000, Charles Sprickman wrote:
> On Thu, 20 Jul 2000, Hugh Irvine wrote:
>
> > There must be a race condition between the modification time on the file
> > changing and the actual contents of the file being available. I think I might
> > add a line to your script
Hello David -
On Fri, 21 Jul 2000, David Lloyd wrote:
> On Thu, 20 Jul 2000, Hugh Irvine wrote:
>
> > A better approach to maintaining session database coherency is to use
> > strict checking of the NAS. This is what the NasType parameter is used
> > for in the Client clauses (see section 6.4.5
Hello Nikos -
Several similar questions have come up recently, and my response has always
been this: why not set up a Handler clause to catch the illegal usernames and
reject them out of hand? The list in the Handler below will match on any
character other than "a-z", "A-Z", "0-9", "-", "_", "@"
Hello Dan -
On Fri, 21 Jul 2000, -=X=- wrote:
> Hello
>
> We finally have our Radiator radius server up and running and it seems to
> work well. I have noticed, however, errors like this in the logfile:
>
> INFO: Access rejected for : Check item Service-Type expression
> 'Framed-User' does not
Thanks for the response Hugh!
> The problem you have is due to the way you have configured your users file -
> you must have those users (or a DEFAULT) with the Service-Type=Framed-User on
> the first line of the definition - ie as a check item.
Hmm, here is my DEFAULT:
DEFAULT Auth-Type = Syst
Hi Dan -
On Fri, 21 Jul 2000, -=X=- wrote:
> Thanks for the response Hugh!
>
> > The problem you have is due to the way you have configured your users file -
> > you must have those users (or a DEFAULT) with the Service-Type=Framed-User on
> > the first line of the definition - ie as a check it
Hello Deepak -
On Fri, 21 Jul 2000, Deepak Shrestha wrote:
> Hi Hugh,
> I have configured the Radiator Radius successfully in AIX4.3.1 but it is
> taking a lot of resources ( 80-90% of CPU by perl-radiator ). This causes
> Radiator to stop responding to "Start" accounting packets though it
> res
Hello William -
What you are describing below can be accomplished very easily by using a
Session Database. I have posted several responses to the list about this topic
over the last couple of days. Have a look at those and get back to me if you
have any other questions. Note that the session dat
24 matches
Mail list logo
