Freeradius/MySql problem

classic Classic list List threaded Threaded
32 messages Options
12
| Threaded
Open this post in threaded view
|

Freeradius/MySql problem

radius-4
I currently run ver.0.9.3

I have MySql database that is used with FreeRadius.

What were are having a problem with is that if the
user logs in with UPPER-NAME or lower-name
either one works.

I have tried lower_user & lower_pass before/after/no
and the radius system still authenticates all UPPER-CASE.

With this we are getting double billed by our wholesale
provider because they run unix based also and it sees
both as valid log ins because we authenticated them.

When we built our MySql we use with the setup in FreeRadius.

Has anyone else had this and how did you fix this to keep
everyone lower case.

Thanks
Bob Ross

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

Nick Marino
In the config file you can set it to force all lower case.

I had this problem and solved it by changing it in the config.

Nick Marino - IT Solutions
----- Original Message -----
From: "Radius" <[hidden email]>
To: <[hidden email]>
Sent: Saturday, July 02, 2005 12:10 PM
Subject: [radius] Freeradius/MySql problem


>I currently run ver.0.9.3
>
> I have MySql database that is used with FreeRadius.
>
> What were are having a problem with is that if the
> user logs in with UPPER-NAME or lower-name
> either one works.
>
> I have tried lower_user & lower_pass before/after/no
> and the radius system still authenticates all UPPER-CASE.
>
> With this we are getting double billed by our wholesale
> provider because they run unix based also and it sees
> both as valid log ins because we authenticated them.
>
> When we built our MySql we use with the setup in FreeRadius.
>
> Has anyone else had this and how did you fix this to keep
> everyone lower case.
>
> Thanks
> Bob Ross
>
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>
>



--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

radius-4
In the radius.conf under lower_user & lower_pass

I tried all three. before/after/no and they will still authenticate
all UPPER CASE.

What other config file are you talking about?

Thanks

Nick Marino wrote:

> In the config file you can set it to force all lower case.
>
> I had this problem and solved it by changing it in the config.
>
> Nick Marino - IT Solutions
> ----- Original Message ----- From: "Radius" <[hidden email]>
> To: <[hidden email]>
> Sent: Saturday, July 02, 2005 12:10 PM
> Subject: [radius] Freeradius/MySql problem
>
>
>> I currently run ver.0.9.3
>>
>> I have MySql database that is used with FreeRadius.
>>
>> What were are having a problem with is that if the
>> user logs in with UPPER-NAME or lower-name
>> either one works.
>>
>> I have tried lower_user & lower_pass before/after/no
>> and the radius system still authenticates all UPPER-CASE.
>>
>> With this we are getting double billed by our wholesale
>> provider because they run unix based also and it sees
>> both as valid log ins because we authenticated them.
>>
>> When we built our MySql we use with the setup in FreeRadius.
>>
>> Has anyone else had this and how did you fix this to keep
>> everyone lower case.
>>
>> Thanks
>> Bob Ross
>>
>> - List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>> --
>> No virus found in this incoming message.
>> Checked by AVG Anti-Virus.
>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>
>>
>
>
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

radius-4
In reply to this post by Nick Marino
OK, let me try this way, when our wholesale provider receives a realm,
they know where
to send the request.

If the user sends [hidden email] or [hidden email]

our radius regardless if I have lower_user before/after/no

They will be authenticated either way.

If we force it lower on our end, does not force lower on their end.

It's a mess. They said only this month they were going to issue credits
and that I needed to get my end to deny UPPER case logins.

I set the lower_user lower and lower_pass to no and a user will
all [hidden email] will be authenticated. I guess mysql
doesn't care if it's upper or lower.


Nick Marino wrote:

> In the config file you can set it to force all lower case.
>
> I had this problem and solved it by changing it in the config.
>
> Nick Marino - IT Solutions
> ----- Original Message ----- From: "Radius" <[hidden email]>
> To: <[hidden email]>
> Sent: Saturday, July 02, 2005 12:10 PM
> Subject: [radius] Freeradius/MySql problem
>
>
>> I currently run ver.0.9.3
>>
>> I have MySql database that is used with FreeRadius.
>>
>> What were are having a problem with is that if the
>> user logs in with UPPER-NAME or lower-name
>> either one works.
>>
>> I have tried lower_user & lower_pass before/after/no
>> and the radius system still authenticates all UPPER-CASE.
>>
>> With this we are getting double billed by our wholesale
>> provider because they run unix based also and it sees
>> both as valid log ins because we authenticated them.
>>
>> When we built our MySql we use with the setup in FreeRadius.
>>
>> Has anyone else had this and how did you fix this to keep
>> everyone lower case.
>>
>> Thanks
>> Bob Ross
>>
>> - List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>> --
>> No virus found in this incoming message.
>> Checked by AVG Anti-Virus.
>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>
>>
>
>
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

Nick Marino
In reply to this post by radius-4
Let me look at my files and find the exact entry.

Nick Marino - IT Solutions
----- Original Message -----
From: "Radius" <[hidden email]>
To: "FreeRadius users mailing list" <[hidden email]>
Sent: Saturday, July 02, 2005 12:36 PM
Subject: Re: [radius] Freeradius/MySql problem


> In the radius.conf under lower_user & lower_pass
>
> I tried all three. before/after/no and they will still authenticate
> all UPPER CASE.
>
> What other config file are you talking about?
>
> Thanks
>
> Nick Marino wrote:
>
>> In the config file you can set it to force all lower case.
>>
>> I had this problem and solved it by changing it in the config.
>>
>> Nick Marino - IT Solutions
>> ----- Original Message ----- From: "Radius" <[hidden email]>
>> To: <[hidden email]>
>> Sent: Saturday, July 02, 2005 12:10 PM
>> Subject: [radius] Freeradius/MySql problem
>>
>>
>>> I currently run ver.0.9.3
>>>
>>> I have MySql database that is used with FreeRadius.
>>>
>>> What were are having a problem with is that if the
>>> user logs in with UPPER-NAME or lower-name
>>> either one works.
>>>
>>> I have tried lower_user & lower_pass before/after/no
>>> and the radius system still authenticates all UPPER-CASE.
>>>
>>> With this we are getting double billed by our wholesale
>>> provider because they run unix based also and it sees
>>> both as valid log ins because we authenticated them.
>>>
>>> When we built our MySql we use with the setup in FreeRadius.
>>>
>>> Has anyone else had this and how did you fix this to keep
>>> everyone lower case.
>>>
>>> Thanks
>>> Bob Ross
>>>
>>> - List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>>
>>>
>>> --
>>> No virus found in this incoming message.
>>> Checked by AVG Anti-Virus.
>>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>>
>>>
>>
>>
>>
>
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>



--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

Nick Marino
In reply to this post by radius-4
This is what I have and it works.
Also there are some options in the sql.conf that relate to this make sure
you have the right lines uncommented in there.

Open sql.conf and search for lower.

Are you sure their is not something in your realms section overriding this?

# This is as close as we can get to case insensitivity.  It is
# the admin's job to ensure that the username on the auth
# db side is *also* lowercase to make this work
#
# Default is 'no' (don't lowercase values)
# Valid values = "before" / "after" / "no"
#
lower_user = before
lower_pass = before


Nick Marino - IT Solutions
----- Original Message -----
From: "Radius" <[hidden email]>
To: "FreeRadius users mailing list" <[hidden email]>
Sent: Saturday, July 02, 2005 12:42 PM
Subject: Re: [radius] Freeradius/MySql problem


> OK, let me try this way, when our wholesale provider receives a realm,
> they know where
> to send the request.
>
> If the user sends [hidden email] or [hidden email]
>
> our radius regardless if I have lower_user before/after/no
>
> They will be authenticated either way.
>
> If we force it lower on our end, does not force lower on their end.
>
> It's a mess. They said only this month they were going to issue credits
> and that I needed to get my end to deny UPPER case logins.
>
> I set the lower_user lower and lower_pass to no and a user will
> all [hidden email] will be authenticated. I guess mysql
> doesn't care if it's upper or lower.
>
>
> Nick Marino wrote:
>
>> In the config file you can set it to force all lower case.
>>
>> I had this problem and solved it by changing it in the config.
>>
>> Nick Marino - IT Solutions
>> ----- Original Message ----- From: "Radius" <[hidden email]>
>> To: <[hidden email]>
>> Sent: Saturday, July 02, 2005 12:10 PM
>> Subject: [radius] Freeradius/MySql problem
>>
>>
>>> I currently run ver.0.9.3
>>>
>>> I have MySql database that is used with FreeRadius.
>>>
>>> What were are having a problem with is that if the
>>> user logs in with UPPER-NAME or lower-name
>>> either one works.
>>>
>>> I have tried lower_user & lower_pass before/after/no
>>> and the radius system still authenticates all UPPER-CASE.
>>>
>>> With this we are getting double billed by our wholesale
>>> provider because they run unix based also and it sees
>>> both as valid log ins because we authenticated them.
>>>
>>> When we built our MySql we use with the setup in FreeRadius.
>>>
>>> Has anyone else had this and how did you fix this to keep
>>> everyone lower case.
>>>
>>> Thanks
>>> Bob Ross
>>>
>>> - List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>>
>>>
>>> --
>>> No virus found in this incoming message.
>>> Checked by AVG Anti-Virus.
>>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>>
>>>
>>
>>
>>
>
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>



--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

radius-4
In reply to this post by Nick Marino
Forcing to lower case is not the problem.

When a user logs in over our wholesale providers network
we need to deny UPPER case logins.

MySql does not care if it's upper or lower and they get authenticated

I want to just deny UPPER letter logins will be the easiest.

I have looked at the MySql table settings, and how they
say to change this, but it also says you do one thing wrong
you will corrupt the database. Don't want that.


Nick Marino wrote:

> Let me look at my files and find the exact entry.
>
> Nick Marino - IT Solutions
> ----- Original Message ----- From: "Radius" <[hidden email]>
> To: "FreeRadius users mailing list"
> <[hidden email]>
> Sent: Saturday, July 02, 2005 12:36 PM
> Subject: Re: [radius] Freeradius/MySql problem
>
>
>> In the radius.conf under lower_user & lower_pass
>>
>> I tried all three. before/after/no and they will still authenticate
>> all UPPER CASE.
>>
>> What other config file are you talking about?
>>
>> Thanks
>>
>> Nick Marino wrote:
>>
>>> In the config file you can set it to force all lower case.
>>>
>>> I had this problem and solved it by changing it in the config.
>>>
>>> Nick Marino - IT Solutions
>>> ----- Original Message ----- From: "Radius" <[hidden email]>
>>> To: <[hidden email]>
>>> Sent: Saturday, July 02, 2005 12:10 PM
>>> Subject: [radius] Freeradius/MySql problem
>>>
>>>
>>>> I currently run ver.0.9.3
>>>>
>>>> I have MySql database that is used with FreeRadius.
>>>>
>>>> What were are having a problem with is that if the
>>>> user logs in with UPPER-NAME or lower-name
>>>> either one works.
>>>>
>>>> I have tried lower_user & lower_pass before/after/no
>>>> and the radius system still authenticates all UPPER-CASE.
>>>>
>>>> With this we are getting double billed by our wholesale
>>>> provider because they run unix based also and it sees
>>>> both as valid log ins because we authenticated them.
>>>>
>>>> When we built our MySql we use with the setup in FreeRadius.
>>>>
>>>> Has anyone else had this and how did you fix this to keep
>>>> everyone lower case.
>>>>
>>>> Thanks
>>>> Bob Ross
>>>>
>>>> - List info/subscribe/unsubscribe? See
>>>> http://www.freeradius.org/list/users.html
>>>>
>>>>
>>>> --
>>>> No virus found in this incoming message.
>>>> Checked by AVG Anti-Virus.
>>>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>>>
>>>>
>>>
>>>
>>>
>>
>> - List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>> --
>> No virus found in this incoming message.
>> Checked by AVG Anti-Virus.
>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>
>
>
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

radius-4
In reply to this post by Nick Marino
Yes, I found what you mention below in the radius.conf

I will look through the sql. file also.

I understand this. but if I force lower to [hidden email]
our upstream sees this as an authentication. If the user logs
in with [hidden email] our upstream sees this also as an
authentication.

I get double billed.

If I put lower_user & lower_pass to no they still get authenticated.

I need to deny UPPER case.



Nick Marino wrote:

> This is what I have and it works.
> Also there are some options in the sql.conf that relate to this make
> sure you have the right lines uncommented in there.
>
> Open sql.conf and search for lower.
>
> Are you sure their is not something in your realms section overriding
> this?
>
> # This is as close as we can get to case insensitivity.  It is
> # the admin's job to ensure that the username on the auth
> # db side is *also* lowercase to make this work
> #
> # Default is 'no' (don't lowercase values)
> # Valid values = "before" / "after" / "no"
> #
> lower_user = before
> lower_pass = before
>
>
> Nick Marino - IT Solutions
> ----- Original Message ----- From: "Radius" <[hidden email]>
> To: "FreeRadius users mailing list"
> <[hidden email]>
> Sent: Saturday, July 02, 2005 12:42 PM
> Subject: Re: [radius] Freeradius/MySql problem
>
>
>> OK, let me try this way, when our wholesale provider receives a
>> realm, they know where
>> to send the request.
>>
>> If the user sends [hidden email] or [hidden email]
>>
>> our radius regardless if I have lower_user before/after/no
>>
>> They will be authenticated either way.
>>
>> If we force it lower on our end, does not force lower on their end.
>>
>> It's a mess. They said only this month they were going to issue credits
>> and that I needed to get my end to deny UPPER case logins.
>>
>> I set the lower_user lower and lower_pass to no and a user will
>> all [hidden email] will be authenticated. I guess mysql
>> doesn't care if it's upper or lower.
>>
>>
>> Nick Marino wrote:
>>
>>> In the config file you can set it to force all lower case.
>>>
>>> I had this problem and solved it by changing it in the config.
>>>
>>> Nick Marino - IT Solutions
>>> ----- Original Message ----- From: "Radius" <[hidden email]>
>>> To: <[hidden email]>
>>> Sent: Saturday, July 02, 2005 12:10 PM
>>> Subject: [radius] Freeradius/MySql problem
>>>
>>>
>>>> I currently run ver.0.9.3
>>>>
>>>> I have MySql database that is used with FreeRadius.
>>>>
>>>> What were are having a problem with is that if the
>>>> user logs in with UPPER-NAME or lower-name
>>>> either one works.
>>>>
>>>> I have tried lower_user & lower_pass before/after/no
>>>> and the radius system still authenticates all UPPER-CASE.
>>>>
>>>> With this we are getting double billed by our wholesale
>>>> provider because they run unix based also and it sees
>>>> both as valid log ins because we authenticated them.
>>>>
>>>> When we built our MySql we use with the setup in FreeRadius.
>>>>
>>>> Has anyone else had this and how did you fix this to keep
>>>> everyone lower case.
>>>>
>>>> Thanks
>>>> Bob Ross
>>>>
>>>> - List info/subscribe/unsubscribe? See
>>>> http://www.freeradius.org/list/users.html
>>>>
>>>>
>>>> --
>>>> No virus found in this incoming message.
>>>> Checked by AVG Anti-Virus.
>>>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>>>
>>>>
>>>
>>>
>>>
>>
>> - List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>> --
>> No virus found in this incoming message.
>> Checked by AVG Anti-Virus.
>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>
>
>
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

radius-4
In reply to this post by Nick Marino
I tried the case sensitive attributes in the sql.conf but that didn't help.

Looks as if it's going to be in MySql that I'll have to have set.

That is not going to be fun at all.


Nick Marino wrote:

> This is what I have and it works.
> Also there are some options in the sql.conf that relate to this make
> sure you have the right lines uncommented in there.
>
> Open sql.conf and search for lower.
>
> Are you sure their is not something in your realms section overriding
> this?
>
> # This is as close as we can get to case insensitivity.  It is
> # the admin's job to ensure that the username on the auth
> # db side is *also* lowercase to make this work
> #
> # Default is 'no' (don't lowercase values)
> # Valid values = "before" / "after" / "no"
> #
> lower_user = before
> lower_pass = before
>
>
> Nick Marino - IT Solutions
> ----- Original Message ----- From: "Radius" <[hidden email]>
> To: "FreeRadius users mailing list"
> <[hidden email]>
> Sent: Saturday, July 02, 2005 12:42 PM
> Subject: Re: [radius] Freeradius/MySql problem
>
>
>> OK, let me try this way, when our wholesale provider receives a
>> realm, they know where
>> to send the request.
>>
>> If the user sends [hidden email] or [hidden email]
>>
>> our radius regardless if I have lower_user before/after/no
>>
>> They will be authenticated either way.
>>
>> If we force it lower on our end, does not force lower on their end.
>>
>> It's a mess. They said only this month they were going to issue credits
>> and that I needed to get my end to deny UPPER case logins.
>>
>> I set the lower_user lower and lower_pass to no and a user will
>> all [hidden email] will be authenticated. I guess mysql
>> doesn't care if it's upper or lower.
>>
>>
>> Nick Marino wrote:
>>
>>> In the config file you can set it to force all lower case.
>>>
>>> I had this problem and solved it by changing it in the config.
>>>
>>> Nick Marino - IT Solutions
>>> ----- Original Message ----- From: "Radius" <[hidden email]>
>>> To: <[hidden email]>
>>> Sent: Saturday, July 02, 2005 12:10 PM
>>> Subject: [radius] Freeradius/MySql problem
>>>
>>>
>>>> I currently run ver.0.9.3
>>>>
>>>> I have MySql database that is used with FreeRadius.
>>>>
>>>> What were are having a problem with is that if the
>>>> user logs in with UPPER-NAME or lower-name
>>>> either one works.
>>>>
>>>> I have tried lower_user & lower_pass before/after/no
>>>> and the radius system still authenticates all UPPER-CASE.
>>>>
>>>> With this we are getting double billed by our wholesale
>>>> provider because they run unix based also and it sees
>>>> both as valid log ins because we authenticated them.
>>>>
>>>> When we built our MySql we use with the setup in FreeRadius.
>>>>
>>>> Has anyone else had this and how did you fix this to keep
>>>> everyone lower case.
>>>>
>>>> Thanks
>>>> Bob Ross
>>>>
>>>> - List info/subscribe/unsubscribe? See
>>>> http://www.freeradius.org/list/users.html
>>>>
>>>>
>>>> --
>>>> No virus found in this incoming message.
>>>> Checked by AVG Anti-Virus.
>>>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>>>
>>>>
>>>
>>>
>>>
>>
>> - List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>> --
>> No virus found in this incoming message.
>> Checked by AVG Anti-Virus.
>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>
>
>
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

Nick Marino
In reply to this post by radius-4
First you need to have a standard for your accounts you need to decide if
they should all be uppercase or lower case then restrict the oppisite.

I am not understanding if you are saying you have accounts that some are
uppercase and some are lower case?

What is your standard?

Nick Marino - IT Solutions
----- Original Message -----
From: "Radius" <[hidden email]>
To: "FreeRadius users mailing list" <[hidden email]>
Sent: Saturday, July 02, 2005 1:23 PM
Subject: Re: [radius] Freeradius/MySql problem


> Yes, I found what you mention below in the radius.conf
>
> I will look through the sql. file also.
>
> I understand this. but if I force lower to [hidden email]
> our upstream sees this as an authentication. If the user logs
> in with [hidden email] our upstream sees this also as an
> authentication.
>
> I get double billed.
>
> If I put lower_user & lower_pass to no they still get authenticated.
>
> I need to deny UPPER case.
>
>
>
> Nick Marino wrote:
>
>> This is what I have and it works.
>> Also there are some options in the sql.conf that relate to this make sure
>> you have the right lines uncommented in there.
>>
>> Open sql.conf and search for lower.
>>
>> Are you sure their is not something in your realms section overriding
>> this?
>>
>> # This is as close as we can get to case insensitivity.  It is
>> # the admin's job to ensure that the username on the auth
>> # db side is *also* lowercase to make this work
>> #
>> # Default is 'no' (don't lowercase values)
>> # Valid values = "before" / "after" / "no"
>> #
>> lower_user = before
>> lower_pass = before
>>
>>
>> Nick Marino - IT Solutions
>> ----- Original Message ----- From: "Radius" <[hidden email]>
>> To: "FreeRadius users mailing list"
>> <[hidden email]>
>> Sent: Saturday, July 02, 2005 12:42 PM
>> Subject: Re: [radius] Freeradius/MySql problem
>>
>>
>>> OK, let me try this way, when our wholesale provider receives a realm,
>>> they know where
>>> to send the request.
>>>
>>> If the user sends [hidden email] or [hidden email]
>>>
>>> our radius regardless if I have lower_user before/after/no
>>>
>>> They will be authenticated either way.
>>>
>>> If we force it lower on our end, does not force lower on their end.
>>>
>>> It's a mess. They said only this month they were going to issue credits
>>> and that I needed to get my end to deny UPPER case logins.
>>>
>>> I set the lower_user lower and lower_pass to no and a user will
>>> all [hidden email] will be authenticated. I guess mysql
>>> doesn't care if it's upper or lower.
>>>
>>>
>>> Nick Marino wrote:
>>>
>>>> In the config file you can set it to force all lower case.
>>>>
>>>> I had this problem and solved it by changing it in the config.
>>>>
>>>> Nick Marino - IT Solutions
>>>> ----- Original Message ----- From: "Radius" <[hidden email]>
>>>> To: <[hidden email]>
>>>> Sent: Saturday, July 02, 2005 12:10 PM
>>>> Subject: [radius] Freeradius/MySql problem
>>>>
>>>>
>>>>> I currently run ver.0.9.3
>>>>>
>>>>> I have MySql database that is used with FreeRadius.
>>>>>
>>>>> What were are having a problem with is that if the
>>>>> user logs in with UPPER-NAME or lower-name
>>>>> either one works.
>>>>>
>>>>> I have tried lower_user & lower_pass before/after/no
>>>>> and the radius system still authenticates all UPPER-CASE.
>>>>>
>>>>> With this we are getting double billed by our wholesale
>>>>> provider because they run unix based also and it sees
>>>>> both as valid log ins because we authenticated them.
>>>>>
>>>>> When we built our MySql we use with the setup in FreeRadius.
>>>>>
>>>>> Has anyone else had this and how did you fix this to keep
>>>>> everyone lower case.
>>>>>
>>>>> Thanks
>>>>> Bob Ross
>>>>>
>>>>> - List info/subscribe/unsubscribe? See
>>>>> http://www.freeradius.org/list/users.html
>>>>>
>>>>>
>>>>> --
>>>>> No virus found in this incoming message.
>>>>> Checked by AVG Anti-Virus.
>>>>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>
>>> - List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>>
>>>
>>> --
>>> No virus found in this incoming message.
>>> Checked by AVG Anti-Virus.
>>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>>
>>
>>
>>
>
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>



--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

radius-4
They are all lower case.

In all the databases they are lower case.

But when someone logs in on our wholesale service and they put UPPER
case regardless how
I have radius set they still authenticate either way.

Since the provider requires chap, we use mysql. On our local number is
PAP, so anyone that
logs in with upper would get refused unless we force to lower, but then
were right back where
we started.

To avoid being billed for both the upper log in and lower logins with
our whole seller, I need to
deny anything that shows up with UPPER case.



Nick Marino wrote:

> First you need to have a standard for your accounts you need to decide
> if they should all be uppercase or lower case then restrict the oppisite.
>
> I am not understanding if you are saying you have accounts that some
> are uppercase and some are lower case?
>
> What is your standard?
>
> Nick Marino - IT Solutions
> ----- Original Message ----- From: "Radius" <[hidden email]>
> To: "FreeRadius users mailing list"
> <[hidden email]>
> Sent: Saturday, July 02, 2005 1:23 PM
> Subject: Re: [radius] Freeradius/MySql problem
>
>
>> Yes, I found what you mention below in the radius.conf
>>
>> I will look through the sql. file also.
>>
>> I understand this. but if I force lower to [hidden email]
>> our upstream sees this as an authentication. If the user logs
>> in with [hidden email] our upstream sees this also as an
>> authentication.
>>
>> I get double billed.
>>
>> If I put lower_user & lower_pass to no they still get authenticated.
>>
>> I need to deny UPPER case.
>>
>>
>>
>> Nick Marino wrote:
>>
>>> This is what I have and it works.
>>> Also there are some options in the sql.conf that relate to this make
>>> sure you have the right lines uncommented in there.
>>>
>>> Open sql.conf and search for lower.
>>>
>>> Are you sure their is not something in your realms section
>>> overriding this?
>>>
>>> # This is as close as we can get to case insensitivity.  It is
>>> # the admin's job to ensure that the username on the auth
>>> # db side is *also* lowercase to make this work
>>> #
>>> # Default is 'no' (don't lowercase values)
>>> # Valid values = "before" / "after" / "no"
>>> #
>>> lower_user = before
>>> lower_pass = before
>>>
>>>
>>> Nick Marino - IT Solutions
>>> ----- Original Message ----- From: "Radius" <[hidden email]>
>>> To: "FreeRadius users mailing list"
>>> <[hidden email]>
>>> Sent: Saturday, July 02, 2005 12:42 PM
>>> Subject: Re: [radius] Freeradius/MySql problem
>>>
>>>
>>>> OK, let me try this way, when our wholesale provider receives a
>>>> realm, they know where
>>>> to send the request.
>>>>
>>>> If the user sends [hidden email] or [hidden email]
>>>>
>>>> our radius regardless if I have lower_user before/after/no
>>>>
>>>> They will be authenticated either way.
>>>>
>>>> If we force it lower on our end, does not force lower on their end.
>>>>
>>>> It's a mess. They said only this month they were going to issue
>>>> credits
>>>> and that I needed to get my end to deny UPPER case logins.
>>>>
>>>> I set the lower_user lower and lower_pass to no and a user will
>>>> all [hidden email] will be authenticated. I guess mysql
>>>> doesn't care if it's upper or lower.
>>>>
>>>>
>>>> Nick Marino wrote:
>>>>
>>>>> In the config file you can set it to force all lower case.
>>>>>
>>>>> I had this problem and solved it by changing it in the config.
>>>>>
>>>>> Nick Marino - IT Solutions
>>>>> ----- Original Message ----- From: "Radius" <[hidden email]>
>>>>> To: <[hidden email]>
>>>>> Sent: Saturday, July 02, 2005 12:10 PM
>>>>> Subject: [radius] Freeradius/MySql problem
>>>>>
>>>>>
>>>>>> I currently run ver.0.9.3
>>>>>>
>>>>>> I have MySql database that is used with FreeRadius.
>>>>>>
>>>>>> What were are having a problem with is that if the
>>>>>> user logs in with UPPER-NAME or lower-name
>>>>>> either one works.
>>>>>>
>>>>>> I have tried lower_user & lower_pass before/after/no
>>>>>> and the radius system still authenticates all UPPER-CASE.
>>>>>>
>>>>>> With this we are getting double billed by our wholesale
>>>>>> provider because they run unix based also and it sees
>>>>>> both as valid log ins because we authenticated them.
>>>>>>
>>>>>> When we built our MySql we use with the setup in FreeRadius.
>>>>>>
>>>>>> Has anyone else had this and how did you fix this to keep
>>>>>> everyone lower case.
>>>>>>
>>>>>> Thanks
>>>>>> Bob Ross
>>>>>>
>>>>>> - List info/subscribe/unsubscribe? See
>>>>>> http://www.freeradius.org/list/users.html
>>>>>>
>>>>>>
>>>>>> --
>>>>>> No virus found in this incoming message.
>>>>>> Checked by AVG Anti-Virus.
>>>>>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date:
>>>>>> 7/1/2005
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>> - List info/subscribe/unsubscribe? See
>>>> http://www.freeradius.org/list/users.html
>>>>
>>>>
>>>> --
>>>> No virus found in this incoming message.
>>>> Checked by AVG Anti-Virus.
>>>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>>>
>>>
>>>
>>>
>>
>> - List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>> --
>> No virus found in this incoming message.
>> Checked by AVG Anti-Virus.
>> Version: 7.0.323 / Virus Database: 267.8.8/37 - Release Date: 7/1/2005
>>
>
>
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

Paul "TBBle" Hampson
In reply to this post by radius-4
On Sat, Jul 02, 2005 at 10:42:44AM -0700, Radius wrote:
> OK, let me try this way, when our wholesale provider receives a realm,
> they know where
> to send the request.
>
> If the user sends [hidden email] or [hidden email]
>
> our radius regardless if I have lower_user before/after/no
>
> They will be authenticated either way.

> If we force it lower on our end, does not force lower on their end.

> It's a mess. They said only this month they were going to issue credits
> and that I needed to get my end to deny UPPER case logins.

> I set the lower_user lower and lower_pass to no and a user will
> all [hidden email] will be authenticated. I guess mysql
> doesn't care if it's upper or lower.

For what you want to do, you need to set lower_user to 'no',
and check your authorize_check_query to be sure you're using
the one that has "STRCMP(Username, '%{SQL-User-Name}')" and not the
one that has "Username = '%{SQL-User-Name}'".

ie (this is in 1.0.4, and doesn't work with mysql 4 onwards.)

        # Use these for case sensitive usernames. WARNING: Slower queries!
        authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM ${authcheck_table} WHERE STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id"
        authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM ${authreply_table} WHERE STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id"

# authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM ${authcheck_table} WHERE Username = '%{SQL-User-Name}' ORDER BY id"
# authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM ${authreply_table} WHERE Username = '%{SQL-User-Name}' ORDER BY id"

rather than the default.

        # Use these for case sensitive usernames. WARNING: Slower queries!
# authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM ${authcheck_table} WHERE STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id"
# authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM ${authreply_table} WHERE STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id"

        authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM ${authcheck_table} WHERE Username = '%{SQL-User-Name}' ORDER BY id"
        authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM ${authreply_table} WHERE Username = '%{SQL-User-Name}' ORDER BY id"


(That's only moving the #s, not changing the query itself.)

This is the joy of mySQL, it's not case-sensitive for string
comparisons by default. ^_^

Alternatively, change the radcheck table's UserName column to be 'BINARY', see
http://dev.mysql.com/doc/mysql/en/case-sensitivity.html for details. (Although
that's mySQL 4.1. If you're using a packaged mySQL from a distribution, check
A.5.1 in the included manual for more specific details.)

In fact, I'd be interested to know if
        authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM ${authcheck_table} WHERE BINARY Username = '%{SQL-User-Name}' ORDER BY id"
        authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM ${authreply_table} WHERE BINARY Username = '%{SQL-User-Name}' ORDER BY id"
fixes it, and if it works for mySQL < 4, because it's more future-proofed
than STRCMP, which has already changed semantics.

--
Paul "TBBle" Hampson, on an alternate email client.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

radius-4
After updated to 1.04 and making the changes again what you recommend below
and when I try to run radtest I get all kinds of these dup error.

radclient: dict_init:
/usr/local/radius/share/freeradius/dictionary.acc[110]: dict_addvalue:
Duplicate value name Administrative-reset for attribute Acc-Reason-Code

But it's in a lot of the dictionary files. I find all the dups and it
just keeps going.

I tried to go back to 0.9.3, but something happened. It is now wanting
to run 1.04 all the time.

So far people are still loggin in so it hasn't been misconfigured to bad.



Paul Hampson wrote:

>On Sat, Jul 02, 2005 at 10:42:44AM -0700, Radius wrote:
>  
>
>>OK, let me try this way, when our wholesale provider receives a realm,
>>they know where
>>to send the request.
>>
>>If the user sends [hidden email] or [hidden email]
>>
>>our radius regardless if I have lower_user before/after/no
>>
>>They will be authenticated either way.
>>    
>>
>
>  
>
>>If we force it lower on our end, does not force lower on their end.
>>    
>>
>
>  
>
>>It's a mess. They said only this month they were going to issue credits
>>and that I needed to get my end to deny UPPER case logins.
>>    
>>
>
>  
>
>>I set the lower_user lower and lower_pass to no and a user will
>>all [hidden email] will be authenticated. I guess mysql
>>doesn't care if it's upper or lower.
>>    
>>
>
>For what you want to do, you need to set lower_user to 'no',
>and check your authorize_check_query to be sure you're using
>the one that has "STRCMP(Username, '%{SQL-User-Name}')" and not the
>one that has "Username = '%{SQL-User-Name}'".
>
>ie (this is in 1.0.4, and doesn't work with mysql 4 onwards.)
>
> # Use these for case sensitive usernames. WARNING: Slower queries!
> authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM ${authcheck_table} WHERE STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id"
> authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM ${authreply_table} WHERE STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id"
>
># authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM ${authcheck_table} WHERE Username = '%{SQL-User-Name}' ORDER BY id"
># authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM ${authreply_table} WHERE Username = '%{SQL-User-Name}' ORDER BY id"
>
>rather than the default.
>
> # Use these for case sensitive usernames. WARNING: Slower queries!
># authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM ${authcheck_table} WHERE STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id"
># authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM ${authreply_table} WHERE STRCMP(Username, '%{SQL-User-Name}') = 0 ORDER BY id"
>
> authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM ${authcheck_table} WHERE Username = '%{SQL-User-Name}' ORDER BY id"
> authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM ${authreply_table} WHERE Username = '%{SQL-User-Name}' ORDER BY id"
>
>
>(That's only moving the #s, not changing the query itself.)
>
>This is the joy of mySQL, it's not case-sensitive for string
>comparisons by default. ^_^
>
>Alternatively, change the radcheck table's UserName column to be 'BINARY', see
>http://dev.mysql.com/doc/mysql/en/case-sensitivity.html for details. (Although
>that's mySQL 4.1. If you're using a packaged mySQL from a distribution, check
>A.5.1 in the included manual for more specific details.)
>
>In fact, I'd be interested to know if
> authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM ${authcheck_table} WHERE BINARY Username = '%{SQL-User-Name}' ORDER BY id"
> authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM ${authreply_table} WHERE BINARY Username = '%{SQL-User-Name}' ORDER BY id"
>fixes it, and if it works for mySQL < 4, because it's more future-proofed
>than STRCMP, which has already changed semantics.
>
>  
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

Alan DeKok
Radius <[hidden email]> wrote:
> After updated to 1.04 and making the changes again what you recommend below
> and when I try to run radtest I get all kinds of these dup error.
>
> radclient: dict_init:
> /usr/local/radius/share/freeradius/dictionary.acc[110]: dict_addvalue:
> Duplicate value name Administrative-reset for attribute Acc-Reason-Code

  You need to point /etc/raddb/dictionary to the new 1.0.4 dictionaries.q

  See raddb/dictionary in the 1.0.4 source distribution.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

radius-4
OK,, I'm confused

$ cp ./raddb/dictionary /etc/raddb/dictionary


I have a directory /etc/raddb/dictonary

Do I also need to create ./raddb/dictonary ?

Thanks


Alan DeKok wrote:

>Radius <[hidden email]> wrote:
>  
>
>>After updated to 1.04 and making the changes again what you recommend below
>>and when I try to run radtest I get all kinds of these dup error.
>>
>>radclient: dict_init:
>>/usr/local/radius/share/freeradius/dictionary.acc[110]: dict_addvalue:
>>Duplicate value name Administrative-reset for attribute Acc-Reason-Code
>>    
>>
>
>  You need to point /etc/raddb/dictionary to the new 1.0.4 dictionaries.q
>
>  See raddb/dictionary in the 1.0.4 source distribution.
>
>  Alan DeKok.
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>  
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

radius-4
In reply to this post by Alan DeKok
Alan DeKok wrote:

>Radius <[hidden email]> wrote:
>  
>
>>After updated to 1.04 and making the changes again what you recommend below
>>and when I try to run radtest I get all kinds of these dup error.
>>
>>radclient: dict_init:
>>/usr/local/radius/share/freeradius/dictionary.acc[110]: dict_addvalue:
>>Duplicate value name Administrative-reset for attribute Acc-Reason-Code
>>    
>>
>
>  You need to point /etc/raddb/dictionary to the new 1.0.4 dictionaries.q
>
>  See raddb/dictionary in the 1.0.4 source distribution.
>  
>
it says in there that they are at /usr/local/share/freeradius/

and they are there. I did the default installation.

When I edit and delete the dups, it just keeps going one file after
the other.

I'll have to pull 0.93 from an old backup. This seems to be getting worse
as I try to make adjustments.








>  Alan DeKok.
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>  
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

radius-4
Well, actually it was ver 1.01

But after loading the backup, I now get the same errors.

Well, I guess I just hosed a production server now.

It was all working fine before I tried to make the update.

That will teach me to fix something not broke.


Radius wrote:

> Alan DeKok wrote:
>
>> Radius <[hidden email]> wrote:
>>  
>>
>>> After updated to 1.04 and making the changes again what you
>>> recommend below
>>> and when I try to run radtest I get all kinds of these dup error.
>>>
>>> radclient: dict_init:
>>> /usr/local/radius/share/freeradius/dictionary.acc[110]:
>>> dict_addvalue: Duplicate value name Administrative-reset for
>>> attribute Acc-Reason-Code
>>>  
>>
>>
>>  You need to point /etc/raddb/dictionary to the new 1.0.4 dictionaries.q
>>
>>  See raddb/dictionary in the 1.0.4 source distribution.
>>  
>>
> it says in there that they are at /usr/local/share/freeradius/
>
> and they are there. I did the default installation.
>
> When I edit and delete the dups, it just keeps going one file after
> the other.
>
> I'll have to pull 0.93 from an old backup. This seems to be getting worse
> as I try to make adjustments.
>
>
>
>
>
>
>
>
>>  Alan DeKok.
>> - List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>>  
>>
>
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

radius-4
In reply to this post by Alan DeKok
I did get back to 0.93 but I still get the same errors with a local radtest.

But at least people can log in and get authenticated.

Why did they have to mess with directories.

It was working fine where they had it, now this system is totally hosed
because I can find what else they embedded in the system.

I just replaced all the /usr/local & /etc directories from the back up
and that crazy
error is still there.

It's saying radtest can't read the radiusd.conf file.

Alan DeKok wrote:

>Radius <[hidden email]> wrote:
>  
>
>>After updated to 1.04 and making the changes again what you recommend below
>>and when I try to run radtest I get all kinds of these dup error.
>>
>>radclient: dict_init:
>>/usr/local/radius/share/freeradius/dictionary.acc[110]: dict_addvalue:
>>Duplicate value name Administrative-reset for attribute Acc-Reason-Code
>>    
>>
>
>  You need to point /etc/raddb/dictionary to the new 1.0.4 dictionaries.q
>
>  See raddb/dictionary in the 1.0.4 source distribution.
>
>  Alan DeKok.
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>  
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

Alan DeKok
In reply to this post by radius-4
Radius <[hidden email]> wrote:
> I have a directory /etc/raddb/dictonary

  FreeRADIUS never created that.

  It should be a file.

> >  See raddb/dictionary in the 1.0.4 source distribution.
> >  
> it says in there that they are at /usr/local/share/freeradius/
>
> and they are there. I did the default installation.

  What you missed is that the dictionary in /etc/raddb/dictionary
should be nothing more than a reference to the
/usr/local/share/freeradius files.

> When I edit and delete the dups, it just keeps going one file after
> the other.

  Don't edit the dictionaries!  This whole problem came about because
when you upgraded the "make install" process told you what you would
have to do next, and you ignored it.  You then went and edited mor
ethings without understanding them, making random changes in the hopes
that something would work.

> I'll have to pull 0.93 from an old backup. This seems to be getting worse
> as I try to make adjustments.
 
  Exactly.  Your "adjustments" are based on incomplete knowledge, and
as a result, are wrong.

  The simple solution is to re-install 1.0.4, but this time do:

$ ./configure --prefix=/opt/freeradius
$ make
$ make install

  Since you don't already have a "/opt/freeradius" directory, it will
make one, install itself, and the version of the server in
/opt/freeradius WILL WORK.

  You can then update the configuration files in
/opt/freeradius/etc/raddb to match your local configuration.

  And DON'T EDIT THE DICTIONARY FILES.

  Alan DeKok.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: [radius] Freeradius/MySql problem

radius-4
Alan DeKok wrote:

>Radius <[hidden email]> wrote:
>  
>
>>I have a directory /etc/raddb/dictonary
>>    
>>
>
>  FreeRADIUS never created that.
>
>  It should be a file.
>  
>
It was a file. I should have been more clear.

>  
>
>>> See raddb/dictionary in the 1.0.4 source distribution.
>>>
>>>      
>>>
>>it says in there that they are at /usr/local/share/freeradius/
>>
>>and they are there. I did the default installation.
>>    
>>
>
>  What you missed is that the dictionary in /etc/raddb/dictionary
>should be nothing more than a reference to the
>/usr/local/share/freeradius files.
>  
>
Yep it did.

>  
>
>>When I edit and delete the dups, it just keeps going one file after
>>the other.
>>    
>>
>
>  Exactly.  Your "adjustments" are based on incomplete knowledge, and
>as a result, are wrong.
>
>  The simple solution is to re-install 1.0.4, but this time do:
>
>$ ./configure --prefix=/opt/freeradius
>$ make
>$ make install
>
>  
>
This is what I did do the first time when all the troubles started.

The second and third time I installed, I left it out figuring that caused
the problem.

>  Since you don't already have a "/opt/freeradius" directory, it will
>make one, install itself, and the version of the server in
>/opt/freeradius WILL WORK.
>  
>
Nope, it never got created there. I checked. Nothing in that directory.

Yes I'm logged in as user root.

>  You can then update the configuration files in
>/opt/freeradius/etc/raddb to match your local configuration.
>
>  And DON'T EDIT THE DICTIONARY FILES.
>
>  Alan DeKok.
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>  
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
12