(RADIATOR) how to authenticate from /etc/shadow

Hugh Irvine hugh at open.com.au
Mon Dec 16 00:39:06 CST 2002 

Hello Talha -

You would do something like this:

# define AuthBy clauses

<AuthBy UNIX>
	Identifier CheckUNIX
	Filename /etc/shadow
	....
</AuthBy>

<AuthBy SQL>
	Identifier CheckSQL
	.....
</AuthBy>

# define Realm(s)

<Realm DEFAULT>
	# use AuthByPolicy ContinueWhileAccept if you want the user to be  
accepted in both AuthBy's
	# use AuthByPolicy ContinueUntilAccept if you want the user to be  
accepted by one or the other
	AuthByPolicy ContinueWhileAccept
	AuthBy CheckUNIX
	AuthBy CheckSQL
	.....
</Realm>


regards

Hugh


On Monday, Dec 16, 2002, at 08:31 Australia/Melbourne, Muhammad Talha  
wrote:

> Dear
>  
>  
> i want to authenticate users from /etc/shadow  on my solaris sparc  
> machine and i am aslo using other authentication method i.e oracle
> and i want to use both methods at same time . my radius cfg file is  
> aslo follows
>  
> <AuthBy UNIX>
>         Filename /etc/shadow
> </AuthBy>
> <Realm DEFAULT>
>         RewriteUsername s/^([^@]+).*/$1/
>         AuthByPolicy ContinueWhileAccept
>         RejectHasReason
>     <AuthBy SQL>
>  
>         # Adjust DBSource, DBUsername, DBAuth to suit your DB^M
>         DBSource         
> dbi:Oracle:(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.2.2)(PORT= 
> 1521))(CONNECT_DATA=(SID=wcisp)))
>         DBUsername      isp
>         DBAuth              isp56552
>  
>  but when i run the following command .
>  
> bash# ./radpwtst -user test -password test786  -noacct
> sending Access-Request...
> Rejected
>  
> and radius trace 4 log show the following
>  
> Mon Dec 16 02:25:36 2002: DEBUG: Radius::AuthSQL looks for match with  
> test
> Mon Dec 16 02:25:36 2002: DEBUG: Radius::AuthSQL REJECT: Bad Encrypted  
> password
> Mon Dec 16 02:25:36 2002: DEBUG: Query is: select  
> PASSWORD,CallingStationId,Serv
> iceType,FramedProtocol,FramedIPNetmask,NASPortType,SimultaneousUse,Fram 
> edIPAddre
> ss,SessionTimeout,TimeDuration, PoolHint  from TblUserLogin where  
> Active=1 and
> LoginName='DEFAULT' and (NASIPAddress='203.63.154.1' or NASIPAddress  
> is null)
>  
> Mon Dec 16 02:25:36 2002: INFO: Access rejected for test: Bad  
> Encrypted passwor
> d
> Mon Dec 16 02:25:36 2002: DEBUG: Packet dump:
> *** Sending to 127.0.0.1 port 35683 ....
> Code:       Access-Reject
> Identifier: 201
> Authentic:  1234567890123456
> Attributes:
>         Reply-Message = "Bad Encrypted password"
> i think its is not going to AUTH UNIX how can i correct this and make  
> this work
> please guide me in this regard
>  
>  
> Regards
>  
> Muhammad Talha
>  
> WorldCall Dot Com
>  
>  
>  
>  
>  
>  
>  
>  
>  
>

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list