Arran, </:includetail> Thanks a lot again.</:includetail> </:includetail> It works.</:includetail> </:includetail> As what you advised,</:includetail> </:includetail> 1. edit </:includetail>/usr/local/etc/raddb/sites-available/default, uncomment below sql line.</:includetail> post-auth {</:includetail> ...... #sql ......</:includetail> }</:includetail> 2. edit </:includetail>/usr/local/etc/raddb/sql/mysql/dialup.conf</:includetail> updae postauth_query defination.</:includetail> </:includetail> Very busy these days. So reply late.</:includetail> </:includetail> Tom ------------------ Original ------------------ From: "freeradius-users"<freeradius-users-request@lists.freeradius.org>; Date: Fri, Sep 2, 2011 06:11 AM To: "freeradius-users"<freeradius-users@lists.freeradius.org>; Subject: Freeradius-Users Digest, Vol 77, Issue 5 Send Freeradius-Users mailing list submissions to freeradius-users@lists.freeradius.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freeradius.org/mailman/listinfo/freeradius-users or, via email, send a message with subject or body 'help' to freeradius-users-request@lists.freeradius.org You can reach the person managing the list at freeradius-users-owner@lists.freeradius.org When replying, please edit your Subject line so it is more specific than "Re: Contents of Freeradius-Users digest..." Today's Topics: 1. How to update a MySql table after successfully WIFI authentication? ( 2394263740 ) 2. Re: How to update a MySql table after successfully WIFI authentication? (Arran Cudbard-Bell) 3. Re: Example configuration that proxy PEAP MSCHAPv2 to an IAS server (Jacob Dawson) 4. Using encrypted passwords in users file (sundoo) 5. cisco 3825 authentication error (Dom) 6. Re: Using encrypted passwords in users file (Paul Bartell) 7. Re: Pre release of 2.1.12 (Alan Buxey) ---------------------------------------------------------------------- Message: 1 Date: Thu, 1 Sep 2011 22:29:11 +0800 From: " 2394263740 " <2394263740@qq.com> Subject: How to update a MySql table after successfully WIFI authentication? To: " freeradius-users " <freeradius-users@lists.freeradius.org> Message-ID: <tencent_3B36E2AF6F7D0370683C1EB1@qq.com> Content-Type: text/plain; charset="iso-8859-1" Hello, I'm using free radius server 2.1.11 on Linux Enterprise Server 6.1. OS: Linux Enterprise Server 6.1 Radius: free radius server 2.1.11 Database: Mysql I got a WIFI network, using one radius server. The whole thing works fine. I got a requirement, which is, after each successful WIFI connection, one record need be added into connectionlog table. CREATE TABLE connectionlog ( radacctid bigint(21) NOT NULL auto_increment, acctsessionid varchar(64) NOT NULL default '', acctuniqueid varchar(32) NOT NULL default '', username varchar(64) NOT NULL default '', groupname varchar(64) NOT NULL default '', realm varchar(64) default '', nasipaddress varchar(15) NOT NULL default '', nasportid varchar(15) default NULL, nasporttype varchar(32) default NULL, acctstarttime datetime NULL default NULL, acctstoptime datetime NULL default NULL, acctsessiontime int(12) default NULL, acctauthentic varchar(32) default NULL, connectinfo_start varchar(50) default NULL, connectinfo_stop varchar(50) default NULL, acctinputoctets bigint(20) default NULL, acctoutputoctets bigint(20) default NULL, calledstationid varchar(50) NOT NULL default '', callingstationid varchar(50) NOT NULL default '', acctterminatecause varchar(32) NOT NULL default '', servicetype varchar(32) default NULL, framedprotocol varchar(32) default NULL, framedipaddress varchar(15) NOT NULL default '', acctstartdelay int(12) default NULL, acctstopdelay int(12) default NULL, xascendsessionsvrkey varchar(10) default NULL, PRIMARY KEY (radacctid), KEY username (username), KEY framedipaddress (framedipaddress), KEY acctsessionid (acctsessionid), KEY acctsessiontime (acctsessiontime), KEY acctuniqueid (acctuniqueid), KEY acctstarttime (acctstarttime), KEY acctstoptime (acctstoptime), KEY nasipaddress (nasipaddress) ) ; Can you please kindly advise how to do this? Which file should be edited? Where is the context to put in the script? What is the script? Thanks! Tom -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20110901/440326d6/attachment.html> ------------------------------ Message: 2 Date: Thu, 1 Sep 2011 16:36:40 +0200 From: Arran Cudbard-Bell <a.cudbardb@freeradius.org> Subject: Re: How to update a MySql table after successfully WIFI authentication? To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <C781BD59-4F30-48C4-B6CC-FF4790379DE1@freeradius.org> Content-Type: text/plain; charset=iso-8859-1 Look in raddb/sql/mysql/dialup.conf The postauth query is the one you need to edit. Then uncomment the 'sql' module in raddb/sites-available/default post-auth { } -Arran Arran Cudbard-Bell a.cudbardb@freeradius.org RADIUS - Half the complexity of Diameter ------------------------------ Message: 3 Date: Thu, 1 Sep 2011 10:40:18 -0400 From: Jacob Dawson <dawson@vt.edu> Subject: Re: Example configuration that proxy PEAP MSCHAPv2 to an IAS server To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <14B9C69C-CB59-4CA7-9F5B-39CD6C81404C@vt.edu> Content-Type: text/plain; charset=us-ascii It's largely successful, but as I mentioned in my note to this group from the 29th, I've run into problems with Windows clients having a disagreement with FreeRADIUS about the final stages of the PEAP-MSCHAPv2 conversation, after IAS has authenticated them successfully. - Jacob On 31 Aug 2011, at 16:32, Alan DeKok wrote:
It really should work... it works for my tests.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
------------------------------ Message: 4 Date: Thu, 1 Sep 2011 08:57:14 -0700 (PDT) From: sundoo <sandu_nastas@yahoo.com> Subject: Using encrypted passwords in users file To: freeradius-users@lists.freeradius.org Message-ID: <1314892634927-4758890.post@n5.nabble.com> Content-Type: text/plain; charset=us-ascii Hello, I'm new to FreeRadius and to linux. Maybe this question will sound stupid, but I really need you help. I have a server running freeradius. These are some outputs of the configuration: *etc/freeradius/radiusd.conf* # passwd = /etc/passwd shadow = /etc/shadow # group = /etc/group */etc/freeradius/users* test1 Auth-Type := Crypt-Local, User-Password := "$1$NzW2iwkn$ygDcJgb4WhAEqQYfySFkj/" Service-Type = Administrative-User, Cajun-Service-Type := 3, */etc/shadow* test1:$1$cnEh49V6$Q.68mw.3P5rgmsfhbo/iC1:15217:0:99999:7::: I would like to change the password for the user test1. But in the users file I see only the encrypted password. Where is the original password stored ? How do I change it ? Thanks a lot for your help. -- View this message in context: http://freeradius.1045715.n5.nabble.com/Using-encrypted-passwords-in-users-f... Sent from the FreeRadius - User mailing list archive at Nabble.com. ------------------------------ Message: 5 Date: Thu, 01 Sep 2011 15:45:02 -0400 From: Dom <dversace@tekcorner.ca> Subject: cisco 3825 authentication error To: freeradius-users@lists.freeradius.org Message-ID: <4E5FE0BE.8010800@tekcorner.ca> Content-Type: text/plain; charset=ISO-8859-1; format=flowed I am trying to terminate vpdn sessions through our cisco 3825 using freeradius. I am new to this whole process and I was hoping to get some assistance with the missing configuration. Below is the error message I am receiving when trying to authenticate via the router. rad_recv: Access-Request packet from host 64.34.66.5 port 1645, id=19, length=135 Framed-Protocol = PPP User-Name = "aewais@domain.com" User-Password = "password" Calling-Station-Id = "bas203300000455" Connect-Info = "1000000000" NAS-Port-Type = Virtual NAS-Port = 532 NAS-Port-Id = "Uniq-Sess-ID532" Service-Type = Framed-User NAS-IP-Address = 64.34.66.5 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop ++[digest] returns noop [suffix] Looking up realm "domain.com" for User-Name = "aewais@domain.com" [suffix] No such realm "domain.com" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop [files] users: Matched entry DEFAULT at line 172 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type Reject # Executing group from file /etc/freeradius/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> aewais@domain.com attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 19 to 64.34.66.5 port 1645 Waking up in 4.9 seconds. Cleaning up request 0 ID 19 with timestamp +381 Ready to process requests. ------------------------------ Message: 6 Date: Thu, 1 Sep 2011 14:54:29 -0700 From: Paul Bartell <paul.bartell@gmail.com> Subject: Re: Using encrypted passwords in users file To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <CAHXqhmh49eNKABTpwmv0Rb1+UX7WPMaN4UB0RQKiiGVSuGoDzg@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1 that is the hashed password. You can change it by generating a hash of your new password... you would probably use crypt(3) to do that... The original password was never stored in cleartext form. You could store a cleartext password if you really wanted to, but that is less than secure. On Thu, Sep 1, 2011 at 8:57 AM, sundoo <sandu_nastas@yahoo.com> wrote:
Hello, I'm new to FreeRadius and to linux. Maybe this question will sound stupid, but I really need you help. I have a server running freeradius. These are some outputs of the configuration:
*etc/freeradius/radiusd.conf* # passwd = /etc/passwd ?shadow = /etc/shadow # group = /etc/group
*/etc/freeradius/users* test1 Auth-Type := Crypt-Local, User-Password := "$1$NzW2iwkn$ygDcJgb4WhAEqQYfySFkj/" ? ? ? ?Service-Type = Administrative-User, ? ? ? ?Cajun-Service-Type := 3,
*/etc/shadow* test1:$1$cnEh49V6$Q.68mw.3P5rgmsfhbo/iC1:15217:0:99999:7:::
I would like to change the password for the user test1. But in the users file I see only the encrypted password. Where is the original password stored ?
How do I change it ?
Thanks a lot for your help.
-- View this message in context: http://freeradius.1045715.n5.nabble.com/Using-encrypted-passwords-in-users-f... Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Random quote of the week/month/whenever i get to updating it: "Quis custodiet ipsos custodes?": "who shall watch the watchers themselves?" - Juvenal ------------------------------ Message: 7 Date: Thu, 1 Sep 2011 23:11:23 +0100 From: Alan Buxey <A.L.M.Buxey@lboro.ac.uk> Subject: Re: Pre release of 2.1.12 To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <20110901221123.GF16795@lboro.ac.uk> Content-Type: text/plain; charset=us-ascii Hi,
it's now running on our most busy server. Both -X and background-multithreaded do their usual job. I do not see any problems so far.
its on one of our production servers and on a couple of other systems. alan ------------------------------ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html End of Freeradius-Users Digest, Vol 77, Issue 5 *********************************************** </:includetail>