[radius] Freeradius/MySql problem

Nick Marino nickm at kryptontech.com
Sat Jul 2 22:30:11 CEST 2005


First you need to have a standard for your accounts you need to decide if 
they should all be uppercase or lower case then restrict the oppisite.

I am not understanding if you are saying you have accounts that some are 
uppercase and some are lower case?

What is your standard?

Nick Marino - IT Solutions
----- Original Message ----- 
From: "Radius" <radius at kingmanaz.net>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Saturday, July 02, 2005 1:23 PM
Subject: Re: [radius] Freeradius/MySql problem


> Yes, I found what you mention below in the radius.conf
>
> I will look through the sql. file also.
>
> I understand this. but if I force lower to RADIUS at kingmanaz.net
> our upstream sees this as an authentication. If the user logs
> in with radius at kingmanaz.net our upstream sees this also as an 
> authentication.
>
> I get double billed.
>
> If I put lower_user & lower_pass to no they still get authenticated.
>
> I need to deny UPPER case.
>
>
>
> Nick Marino wrote:
>
>> This is what I have and it works.
>> Also there are some options in the sql.conf that relate to this make sure 
>> you have the right lines uncommented in there.
>>
>> Open sql.conf and search for lower.
>>
>> Are you sure their is not something in your realms section overriding 
>> this?
>>
>> # This is as close as we can get to case insensitivity.  It is
>> # the admin's job to ensure that the username on the auth
>> # db side is *also* lowercase to make this work
>> #
>> # Default is 'no' (don't lowercase values)
>> # Valid values = "before" / "after" / "no"
>> #
>> lower_user = before
>> lower_pass = before
>>
>>
>> Nick Marino - IT Solutions
>> ----- Original Message ----- From: "Radius" <radius at kingmanaz.net>
>> To: "FreeRadius users mailing list" 
>> <freeradius-users at lists.freeradius.org>
>> Sent: Saturday, July 02, 2005 12:42 PM
>> Subject: Re: [radius] Freeradius/MySql problem
>>
>>
>>> OK, let me try this way, when our wholesale provider receives a realm, 
>>> they know where
>>> to send the request.
>>>
>>> If the user sends RADIUS at kingmanaz.net or radius at kingmanaz.net
>>>
>>> our radius regardless if I have lower_user before/after/no
>>>
>>> They will be authenticated either way.
>>>
>>> If we force it lower on our end, does not force lower on their end.
>>>
>>> It's a mess. They said only this month they were going to issue credits
>>> and that I needed to get my end to deny UPPER case logins.
>>>
>>> I set the lower_user lower and lower_pass to no and a user will
>>> all RADOUS at kingmanaz.net will be authenticated. I guess mysql
>>> doesn't care if it's upper or lower.
>>>
>>>
>>> Nick Marino wrote:
>>>
>>>> In the config file you can set it to force all lower case.
>>>>
>>>> I had this problem and solved it by changing it in the config.
>>>>
>>>> Nick Marino - IT Solutions
>>>> ----- Original Message ----- From: "Radius" <radius at kingmanaz.net>
>>>> To: <freeradius-users at lists.freeradius.org>
>>>> Sent: Saturday, July 02, 2005 12:10 PM
>>>> Subject: [radius] Freeradius/MySql problem
>>>>
>>>>
>>>>> I currently run ver.0.9.3
>>>>>
>>>>> I have MySql database that is used with FreeRadius.
>>>>>
>>>>> What were are having a problem with is that if the
>>>>> user logs in with UPPER-NAME or lower-name
>>>>> either one works.
>>>>>
>>>>> I have tried lower_user & lower_pass before/after/no
>>>>> and the radius system still authenticates all UPPER-CASE.
>>>>>
>>>>> With this we are getting double billed by our wholesale
>>>>> provider because they run unix based also and it sees
>>>>> both as valid log ins because we authenticated them.
>>>>>
>>>>> When we built our MySql we use with the setup in FreeRadius.
>>>>>
>>>>> Has anyone else had this and how did you fix this to keep
>>>>> everyone lower case.
>>>>>
>>>>> Thanks
>>>>> Bob Ross
>>>>>
>>>>> - List info/subscribe/unsubscribe? See 
>>>>> http://www.freeradius.org/list/users.html
>>>>>
>>>>>
>>>>> -- 
>>>>> No virus found in this incoming message.
>>>>> Checked by AVG Anti-Virus.
>>>>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>
>>> - List info/subscribe/unsubscribe? See 
>>> http://www.freeradius.org/list/users.html
>>>
>>>
>>> -- 
>>> No virus found in this incoming message.
>>> Checked by AVG Anti-Virus.
>>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>>
>>
>>
>>
>
> - List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html
>
>
> -- 
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
> 



-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005




More information about the Freeradius-Users mailing list