SV: Outpairs not working on external script when user is located in MYSQL
Thomas Raabo - Zitcom A/S
tr at zitcom.dk
Tue Oct 9 15:47:43 CEST 2012
> Here is my External module
>
> exec MOTP {
> wait = yes
> program = "/etc/raddb/otpverify.sh %{User-Name} %{User-Password} %{reply:Secret} %{reply:Pin} %{reply:Offset}"
What do you think that does? What is "reply:Secret" and "reply:Pin" ?
-Well a select is done on radcheck for the user name. I would think that output_pairs would be filled with attributes from radcheck?
> Mon Oct 8 23:52:57 2012 : Info: [MOTP] expand: %{reply:Secret} ->
> Mon Oct 8 23:52:57 2012 : Info: [MOTP] expand: %{reply:Pin} ->
> Mon Oct 8 23:52:57 2012 : Info: [MOTP] expand: %{reply:Offset} ->
Well, they don't exist, do they?
- Well yes they do they are in the radcheck database
> In /usr/share/freeradius/dictionary I have
>
> $INCLUDE dictionary.motp
Don't do that. There's a dictionary file in raddb/dictionary for a reason. Go read it.
- Well in the CENTOS distribution /etc/raddb/dictionary had one entry $INCLUDE /usr/share/freeradius/dictionary
So are you saying.
ADD
ATTRIBUTE Secret 3001 string
ATTRIBUTE Pin 3002 string
ATTRIBUTE Offset 3003 string
To
/etc/raddb/dictionary
?
Med venlig hilsen | Best regards
Thomas Raabo
Senior Network Engineer CCIE #33466
_____________________________________________
tr at zitcom.dk | Direkte: +45 69 10 60 18 | Tlf.: +45 70 23 55 66
-----Oprindelig meddelelse-----
Fra: freeradius-users-bounces+tr=zitcom.dk at lists.freeradius.org [mailto:freeradius-users-bounces+tr=zitcom.dk at lists.freeradius.org] På vegne af Alan DeKok
Sendt: 9. oktober 2012 15:30
Til: FreeRadius users mailing list
Emne: Re: Outpairs not working on external script when user is located in MYSQL
Thomas Raabo - Zitcom A/S wrote:
> Need som help getting my external script to work
>
> Here is my External module
>
> exec MOTP {
> wait = yes
> program = "/etc/raddb/otpverify.sh %{User-Name} %{User-Password} %{reply:Secret} %{reply:Pin} %{reply:Offset}"
What do you think that does? What is "reply:Secret" and "reply:Pin" ?
> Mon Oct 8 23:52:57 2012 : Info: [MOTP] expand: %{reply:Secret} ->
> Mon Oct 8 23:52:57 2012 : Info: [MOTP] expand: %{reply:Pin} ->
> Mon Oct 8 23:52:57 2012 : Info: [MOTP] expand: %{reply:Offset} ->
Well, they don't exist, do they?
> In /usr/share/freeradius/dictionary I have
>
> $INCLUDE dictionary.motp
Don't do that. There's a dictionary file in raddb/dictionary for a reason. Go read it.
> And from my
>
> Dictionary.motp
>
> #
> ATTRIBUTE Secret 960 string
> ATTRIBUTE Pin 961 string
> ATTRIBUTE Offset 962 string
Which is wrong. It's been wrong for pretty much a decade.
Read raddb/dictionary for instructions on creating attributes which work.
> All my configuration is based on
>
> http://nicoblog.goralski.fr/tag/Radius
That web site is wrong. Read the *FreeRADIUS* documentation for instructions on how to properly edit the dictionaries.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list