(RADIATOR) Username missing from AuthLog using TACACS

Mike McCauley mikem at open.com.au
Wed Dec 3 16:05:08 CST 2003


Hello Steve,


On Wed, 3 Dec 2003 10:41 pm, Steve Rogers wrote:
> Hi,
>
> We are using TACACS with AuthLog FILE and logging the username from
> Access-Requests. Our config file excerpts are below. The problem is that
> using %u we never see the username logged from the User-Name attribute
> in the radius Access Request. Changing the %u to %{User-Name} works with
> no problems.

Thanks for reporting this.
We have issued a patch that should fix this problem, and attached a new 
ServerTACACSPLUS.pm for you to test.

We apologise for this problem.

Cheers.

>
> Config file:
>
> <AuthLog FILE>
>         Identifier      AuthLogger
>         Filename        %L/%Y%m%d-auth.log
>         SuccessFormat   %l:%c:%u:OK
>         FailureFormat   %l:%c:%u:FAIL
>         LogSuccess      1
>         LogFailure      1
> </AuthLog>
>
> <ServerTACACSPLUS>
>         Key
>         AddToRequest NAS-Identifier=TACACS
> </ServerTACACSPLUS>
>
> <Realm DEFAULT>
>         AuthLog AuthLogger
>         <AuthBy FILE>
>                 Filename tacacs.users
>         </AuthBy>
>         AcctLogFileName %L/%Y%m%d-acct.log
> </Realm>
>
> Authlog result:
>
> Tue Dec  2 16:05:25 2003:192.168.x.x.::OK
>
> After changing the AuthLog format to use %{User-Name} the logfile looks
> like:
>
> Wed Dec  3 10:06:21 2003:192.168.x.x:justin:OK
>
> Using radiator 3.7.1 with latest patches.
>
> Thanks
> Steve

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ServerTACACSPLUS.pm
Type: text/x-perl
Size: 31691 bytes
Desc: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20031204/8d099a32/attachment.bin>


More information about the radiator mailing list