I have a existing session database. I am now to the
point where I need to control MaxSessions.
When i add the MaxSessions 1 to my conf. file I get
ALOT of people that can't login because it believes the user is still online or
maxsession is exceeded. I know for a fact that these users are n
Frank, List,
Here is a snippet of my clients.cfg file
(attached). All of my client entries look like what i attached.
Dan
- Original Message -
From:
Frank
Danielson
To: Dan ; [EMAIL PROTECTED]
Sent: Monday, March 03, 2003 1:31
PM
Subject: RE: (RADIATOR) Session
there a better way for me to be denying mailbox only/web only accounts
from dialup? I was just giving them the Auth-Type: Reject check. Any
suggestions on my method or the above strangeness would be appreciated.
Dan <[EMAIL PROTECTED]>
Network Systems En
On Tue, 27 Jun 2000, Hugh Irvine wrote:
> Hello Dan -
>
> On Sun, 25 Jun 2000, [EMAIL PROTECTED] wrote:
> > This seems odd to me.
> >
> > 1-
> > Manual 6.31.11 CheckAttr checkitems
> > Radiator Config:CheckAttr dialup
> > LDAP:
Our users are getting sick and tired due to RADIUS service
unavailability every time something happens to the network where the
database server sits, or the database server itself. To remind, we use
LDAP for authentication, and SQL Server for sessions/logging. LDAP has
been great, where database co
Hugh Irvine wrote:
>
> Hello Dan -
>
> It would be fairly simple to have Radiator write to a flat file for
> accounting, and then have a cron job or similar load the data into the
> database periodically. You will find a simple utility to do this in the
> file "good
Hugh Irvine wrote:
>
> Hello Dan -
>
> It would be fairly simple to have Radiator write to a flat file for
> accounting, and then have a cron job or similar load the data into the
> database periodically. You will find a simple utility to do this in the
> file &
Hugh Irvine wrote:
>
> Hello Wesley -
>
> If the SQL database access times out, Radiator by default will wait 10
> minutes before trying again.
>
> You can adjust the Timeout and FailureBackoffTime parameters in the
> AuthBy SQL clause.
>
> See sections 6.28.4 and 6.28.5 in the Radiator 3.6 r
Hello,
Is it possible to use different authentication methods based on username.
ie usernameA authenticates to serverA
and usernameB authenticates to serverB ??
thanks
regards
Dan
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email
sees, but that's just a hunch. I'm not sure how to
determine what's making it want to restart.
Any help would be much appreciated!
Thanks,
-Dan
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
Thanks Hugh, that was the help I needed. That quickly pointed out that
IO-Socket-SSL somehow didn't get installed. I installed it and now everything
is working great. Much appreciated!!
-Dan
--- On Fri, 9/17/10, Hugh Irvine wrote:
> From: Hugh Irvine
> Subject: Re: [RADIATO
?
I am hoping to get single signon to the windows domain.
thanks
dan boucaut
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
First, let me add my praise about this product to the already long list.
We're evaluating Radiator. This is the best commercial server product I have
ever dealt with, great job! Finally a RADIUS server that's almost, if not,
perfect. Rock on!
Anyway, we use FreeTDS for PHP scripts, and some t
Hugh Irvine writes:
> BTW - you say that Radiator is *almost* perfect - we would be keen to hear
> any suggestions for improvements.
>
> regards
>
> Hugh
Hi Hugh,
: I'd like to be able to fork an external program, and pipe
the log data to it for logging, instead of logging directly to a
We have a few realms like m_devn and devn. So they're prefixes, not suffixes
after "@", but with ".". For example m_devn.dan. What's the best way to
handle something like this? Rewrite them in the client interface config to
something @m_devn?, then handle with later?
===
Archive at http://www
Hugh Irvine writes:
>
> Hello Dan -
>
> You can either do what you describe (probably with a single global
> RewriteUsername), or you can use Handlers with regular expressions.
>
> Ie.
>
>
Which is more efficient rewrite and , or ? Thanks.
===
Archiv
Check if it's blocked by a disk or a database.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
find out where the packets are
coming from?
thanks
Dan Boucaut
Tue Mar 26 08:52:43 2002: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 43066
Code: Access-Request
Identifier: 193
Authentic: 1234567890123456
Attributes:
User-Name = "mikem"
Service-Typ
Hi. We want to log accounting to our SQL DB, but we are using LDAP DB for
authentication. What can we do? doesn't mention
AccountingTable functionality from . Thanks.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTEC
Hugh Irvine writes:
>
> Identifier SQLAccounting
> ..
> AuthSelect
> AccountingTable ACCOUNTING
> AcctColumnDef .
> ..
>
>
> AuthByPolicy ContinueAlways
> AuthBy SQLAccounting
> AuthBy CheckLDAP
> .
>
Thanks. It'
Hi.
A few questions:
How to log failed attempts to an SQL database?
The table will look something like this:
Column_nameType Length Nullable
-- - --- ---
LoggedAt datetime 8yes
User_Name
Hi.
I need to log active handler identifier to the SQL table. In other words,
the handler where the failure occurs should be logged. What do I need to do?
I read documentation, but it's not exactly clear to me as how to do it.
--
History has shown that the road to injustice is frequently li
Hi. Here's what required by our installation. We have our account entries in
the LDAP directory. Every account can be authenticated using RADIUS for
several services like VPN tunnels, dial-up etc. There needs to be an
expirattion date for each type of service. IOW there's a different
expiratio
Does Radiator allow CHAP passwords with LDAP databases? Thanks.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Hugh Irvine writes:
>
> Hello Dan -
>
> You can use CHAP with any database, however the password stored therein
> *must* be in cleartext, as you can only use cleartext passwords with CHAP.
>
> regards
>
> Hugh
The problem is all our dial-ups have hashed passw
Ayotunde Itayemi writes:
> Hi,
>
> Depending on your patience, number of clients and time, you could get Mobius
> Freeware's
> w32crack - run it continuously for a few days after extracting the username
> and encrypted
This cannot help us, since we do not use NT user database.
===
Archive at
I noticed the perl process is growing linearly as the requests come in.
Grows in size quite rapidly, eventually needs to be restarted. I suspected
FreeTDS or OpenLDAP libraries (and these may too have leaks and probably do,
but that testing is later).
To see if it could be something else, I
Hugh Irvine writes:
>
> Hello Dan -
>
> Mike is travelling this week, but he will look at this when he returns.
>
> In the meantime, can you please tell me how you are testing? And could you
> also send me the details of how you are testing and the outputs of "
Hi. Is it possible to quickly disable persistent connections for SQL
logging? Persistent connections do not work well with our SQL Server,
since they time out. Short failure backoff times do not help either
since I think any DB connection failure trips the RADIUS authentication code
on the devices
Hugh Irvine wrote:
>
> Hello Dan -
>
> Can you please tell me what database you are using and what platform?
>
> thanks
>
> Hugh
I thought SQL Server implied MS SQL Server :). This is FreeBSD. Anyway,
we need connect-log-disconnect behavior instead of the current
imp
Mike McCauley wrote:
> Its a first for me too.
> I could conceive of a 'DisconnectAfterQuery' flag that would disconnect after
> every SQL query was finished, but Im reluctant to add it since I dont think
> it would be widely useful, and when it was used it would significantly slow
> things dow
Mike McCauley wrote:
> On Wed, 28 Aug 2002 08:32, Hugh Irvine wrote:
> > Hello Dan -
> >
> > I would have to suggest that you use a more sensible database.
>
> Of course that there might be other reasons that prevent you from doing that.
>
> I am a bit puzzle
Hugh Irvine wrote:
>
> Hello Paul -
>
> I will need to know what hardware/sorftware platform you are using and I
> will need to see a copy of your configuration file (no secrets) together
> with a trace 4 debug showing what is happening. I will also need to know
> what version of Radiator you
Paulo Sousa wrote:
>
>
> Hi Dan
>
> I'm using a linux box that auths on M$ SQL Server. :)
>
> Paulo Sousa
>
We have exactly the same problem. You are using FreeTDS?
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
Mike McCauley wrote:
> Hi Dan,
>
> OK,
>
> here is a new version of SqlDb.pm that implements a new DisconnectAfterQuery
> flag. This will cause AuthBy SQL and other SQL users to disconnect after
> every SQL 'do' and after every 'getOneRow'.
>
>
Patrick Muldoon(NOC) wrote:
> We use DBD::Sybase with FreeTDS to connect to MSSQL Server 2000 from
> FreeBSD, and it works great, have never had any trouble.
>
> What version of FreeTDS are you using?
>
> You can also do some debugging with FreeTDS to see if it is the one
> hanging.
> http://w
Paulo Sousa wrote:
>
> Dan
>
> I'm currently use libdbd-sybase-perl (that depends freetds), running
> debian GNU/Linux woody 3.0 :)
> Do u know how i can resolve that???
Not yet.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED
Marcel Brown wrote:
> A few more questions regarding Mac OS X and MS SQL access
>
> If connecting to MS SQL from ODBC on UNIX requires an ODBC driver,
> where can I get a driver? Do people here have experience with this on
> Mac OS X?
>
> I keep reading that DBD-Sybase is compatible with MS-SQL
Im running into a problem with not being to authenticate via test utilty.
Here is my config file... Im wanting to authenticate and do accounting out of
the MSSQL db. I can start up radiusd with no problems and no errors until i
try running a testuser through test utility..I get "bad authenticator
Hi. Our Radiator needs to authenticate more that one service from the same
realm. We need to guarantee that a user can get one session per each
service with the same account, but only one session. For example, once a
user has authenticated for dial-up, he wants to use a VPN client - one
more sessio
> StatsLog clause. And if you want a tool to restart Radiator
> automatically and let you know why it did so, you should use the
> "restartWrapper" utility provided in the goodies directory for this
> purpose. See the relevant sections of the Radiator 3.4 reference manual.
Another (very conveni
Tony Bunce wrote:
> We have radiator setup on two servers using a MS SQL server for user
> authentication and mysql for accounting.
If you're using unixODBC 2.2.3 or earlier, upgrade.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email
Matthew Hobbs wrote:
> Currently I'm using DBI:Sybase on Mandrake 8.2 to connect to MS SQL 6.5
> All works well
> Looking at FreeTDS (0.6) its says it can connect to SQL 2000 using DBI::Sybase
> is this true ?
This is a question for the FreeTDS list. I just tried FreeTDS 0.53, with
TDS version set
Enrique Diez wrote:
> Hi All,
> I would like to know if there is an LDAP-Attribute (customized or
> standarized) in order to define the kind of authentication required for an
> user entry.
> For example, a user LDAP entry can be validated by the Radiator Radius
> Server via /etc/unix/password or a
I am tidying up my configuration files, and I find that GlobalVars don't
work everywhere. I look at the documentation, and it doesn't tell me
where they do not work. Variables like LDAP passwords and filters
that I found by trial and error do not work. LDAP host does work, but
then, in the log file
Matthew Trout wrote:
> I'd suggest dumping openlink as well; it's overpriced and the windows side
> (last time I had to suffer it) was far from production-grade reliability. If
> you're trying to connect to an MS SQL Server from *n?x, I've found FreeTDS
> (www.freetds.org) to be far superior, and a
Matthew Trout wrote:
> > Of course Easysoft OOB is even better as far as
> > compatibility/reliability are concerned, albeit at a higher cost.
>
> You're kidding, right?
>
> In production use, Easysoft is absolutely lovely bar for one minor 'feature'
> (at least in the version I had) - if the NT
>
> Hmm ... I guess the answer is YMMV, then.
>
> To anyone looking for solutions like this, I would say that Easysoft were
> very helpful getting their stuff up and running, and your best bet is
> probably to try both. It was certainly better than Openlink, and I believe
> their pricing is more
We are getting into compatibility problems with different Ascend NASes
from our providers, which requires us to run different AuthBy for each.
Since we use them with the same realms, what is the best way to
differentiate NASes? Rewrite realms to something weird like
realm.com-provider in the s? An
Hugh Irvine wrote:
>
> Hello Dan -
>
> The best way to do this sort of thing is like this:
>
> # define Client clauses
>
>
> Identifier Ascend-Type-A
> .
>
>
> AuthBy Auth-Ascend-Type-A
> ..
>
Ouch, I missed
Tim Jung wrote:
> I found this out from the author of the DBD::Sybase module. He posted this
> to the FreeTDS mailing list back in October 2002. He is specifically
> talking about the errors that are generated when you run the 'make test'
> option on the DBD::Sybase module using FreeTDS.
>
> So it
Tim Jung wrote:
> I am still stuck if anyone has any suggestions.
First, you need to be asking these questions on the FreeTDS mailing
list. Other than that, I would compile sqsh against the FreeTDS library,
and use sqsh to log in with the SQL Server account and database to
verify access. You can a
Would it be feasable to add locking to SessDBM such that we have
multiple readers and one writer to the DBM file? The session
database doesn't need any relational features, and the related bloat and
bugs. Look at what it takes just to set up a reliable database connection.
===
Archive at http://www
Hugh Irvine wrote:
>
> Hello Dan -
>
> DBM locking is not supported and we find that most Radiator users have
> an SQL database for billing and customer management already, so an SQL
> session database (which supports locking, multiple access, etc.) tends
> to make more
I need to log to stdout without the timestamp (because I use multilog
for automatic rotation and TAI timestamps), so here is NoTimestamp. Hope
it's okay to send to the mailing list, and it's useful to someone.
--- Log.pm Wed May 22 22:03:18 2002
+++ /usr/local/lib/perl5/site_perl/5.8.0/Radius
r server and the sql server are robust machines showing little
load.
What would cause this?
Why would it work after stop/starting it numerous times?
Dan
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
install script or figured out a good "install tree" method.
Thanx,
Dan Sherwood
Adelphia Communications
Lead Product Network Engineer
Phone - (716)433-1336
Pager - (800) 804-9998
e-mail - [EMAIL PROTECTED]
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, ema
200 as the authenticator. Any
suggestions appreciated.
Dan
Tue Aug 6 15:39:07 2013: DEBUG: Packet dump:
*** Received from 172.16.240.2 port 20009
Code: Access-Request
Identifier: 214
Authentic: an<4><249>@J<4>Zd<229>e1Z#<0>Y
Attributes:
NAS-Port-Id =
I recently purchased Radiator for use with 3Com Total Control. I read in
the revision history that you no longer need to use pmwho to limit
sessions. Instead, the Nas-Type of TotalControlSNMP can be used. How is
this configured? Do I just add this to and I'm done?
Thank You,
Dan She
long as I don't use subdomains.
Any suggestions?
Of course, I am expecting "don't use subdomains" as a response from a few of the
creative people.
Thanks!
Dan Vande More
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
9");
I'm debating the fact that it is their router. It seems they have a Cisco 803, and
though there are bugs, none of them point to this issue. Nor was I able to find
anything close.
Hints? Suggestions?
Thanks!
Dan Vande More
Debug info from issue #1:
Mon Aug 4 14:43:45 2003:
w log file?
Additionally, are these numbers in seconds (Another assumption I'm making)?
If so, then my math(bc 1.06) shows:
720306/60
12005
12005/60
200
So this user has had 200 hours of active session time?
Thanks!
Dan Vande More
===
Archive at http://www.open.com.au/archives/radiator/
Announce
ar to accept it until I threw these lines into my
authby sql realm dsl.mydomain.com:
.
AddToReply Service-Type = Framed-User, \
Framed-Protocol = PPP
Thanks!
Dan Vande More
-Original Message-
From: Hugh Irvine
.
You may get even better luck turning on query caching, which can improve speed
substantially.
http://www.eweek.com/article2/0,3959,293,00.asp
http://www.mysql.com/information/benchmarks.html
-Dan
Queries per second avg: 40.143
-Original Message-
From: DUFOUR Geoffrey [mailto:[EMAIL
wrong with the database.
This is the observed behavior of 3.3.1.
I understand the reasoning for your question, and hope this helps.
If you need something to monitor hardware failure, application failure, etc., I
suggest trying Big Brother/Nagios, or any number of snmp applications.
Dan Vande More
Hugh, I don't mean to challenge, but isn't this what she wants?
Ascend-Maximum-Time="28800"
Thanks!
Dan Vande More
-Original Message-
From: Hugh Irvine [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 23, 2003 4:01 PM
To: Mukesh Karna
Cc: [EMAIL PROTECTED]
Su
Holy
cow! Close your open relay and maybe more people will see your
questions!
Anyway, you should be able to use perl to handle this,
it should do just fine.
Dan
X-Spam-Flag: YESX-Spam-Report:
Spam detection software, running on the system "relay1.firstlink.com",
has ident
copy into to the main dictionary to accommodate this?
Thanks in advance for your help.
Dan Lee Dimke
Future-World.com
Irving, TX USA
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscr
68 matches
Mail list logo
