(RADIATOR) SQL accounting

Hugh Irvine hugh at open.com.au
Thu Dec 4 16:28:27 CST 2003


Hello Fred -

I'm afraid I don't quite understand what you mean by this:

>
> I wanted to have the AuthBy SQLAccounting within this AuthBy group
> since that would disable the LDAP file logging.
>

Can you explain what you mean?

The usual way to do what you describe is something like this:

<Handler Request-Type = Accounting-Request, Realm=...>
	AuthBy SQLAccounting
</Handler>

<Handler TunneledByTTLS=1, Realm=...>
   <Authby GROUP>
	AuthByPolicy ContinueUntilAccept
	AuthBy CheckLDAP1
	AuthBy CheckLDAP2
  </AuthBy>
</Handler>

regards

Hugh


On 05/12/2003, at 3:01 AM, Fred Leeflang wrote:

> Hi,
>
> I have a setup where we have an EAP-TTLS outter authentication loop
> and an inner authentication that uses two LDAP servers for 
> authentication.
>
> I had hoped I could do something like
>
> <Handler TunneledByTTLS=1, Realm=...>
>   <Authby GROUP>
> 	AuthByPolicy ContinueAlways
> 	AuthBy SQLAccounting
> 	AuthBy CheckLDAP1
> 	AuthBy CheckLDAP2
>  </AuthBy>
> </Handler>
>
> However, for obvious reasons, the accounting requests are not 
> TunneledByTTLS so this is not going to work.
>
> I wanted to have the AuthBy SQLAccounting within this AuthBy group
> since that would disable the LDAP file logging.
>
> Is there an elegant way to get SQL accounting in this setup?
>
> -- 
> Fred Leeflang
> Sr. Infrastructuur Specialist, Hogeschool van Amsterdam
> tel. 020-5952952 (06-30588921)
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list