(RADIATOR) LDAP Connection
jsingh
jsingh at fdu.edu
Wed Nov 12 10:04:12 CST 2003
Hello Hugh,

I understand that Radiator is supposed to drop the connection after it
connects and talks to the LDAP server. But I can see a connection for each
of my incoming requests. I changed the configuration file for Radiator to
sustain one connection, which is not the ideal situation as far as my
project is concerned. I would like to know if I am missing something in my
config or if this is a bug in Radiator. I am attaching my config without the
secrets. I am using Radiator-3.5 on Solaris 8 with Perl 5.6.1.

Thanks

Foreground
LogStdout
LogDir /var/log/radius3.5.1
DbDir .
Trace 4
PidFile /var/log/radius3.5.1/radiusd.pid
AuthPort 11645
AcctPort 11646
DefineGlobalVar Max 7200
DictionaryFile /usr/local/adm/src/Radiator-3.5/dictionary
# Clients to suit your site. ###################################
<Client xx.xx.xx.xx>
Secret xxxxxx
DupInterval 0
</Client>
##################################
<Client xxxx.fdu.edu>
Secret xxxxx
DupInterval 0
</Client>
##################################
<Client xxxxxxx>
Secret xxxx
DupInterval 0
</Client>
#################################
<Client xxx.xx.xx.xxx>
Secret xxx
DupInterval 0
</Client>
<Client xx.xx.xx.xx>
#Description Cisco AS5300
Secret xxxxx
DupInterval 0
</Client>
<Client xx.xx.xx.xx>
#Description Cisco AS5300
Secret xxxx
DupInterval 1
</Client>
<Client DEFAULT>
Secret
DupInterval 0
</Client>
<AuthBy LDAP2>
Identifier CheckLDAP
Host xxx.fdu.edu
Port 636
UseSSL
SSLCAPath /usr/local/adm/etc/
BaseDN dc=xxx, dc=xxx
Scope subtree
UsernameAttr xxxxx
PasswordAttr userPassword
ServerChecksPassword
Timeout 2
FailureBackoffTime 30
HoldServerConnection
#CheckAttr cn
#AuthAttrDef ipaddress,Framed-IP-Address,reply
AddToReply Framed-Protocol = PPP,\
Framed-Routing = None,\
Framed-MTU = 1500,\
Framed-Compression = Van-Jacobson-TCP-IP,\
Service-Type = Framed-User,\
Idle-Timeout = 300
Debug 255
</AuthBy>
#########################################################################
<AuthBy SQL>
Identifier Block-Time-SQL
DBSource dbi:mysql:xxxx:localhost
DBUsername xxxxxx
DBAuth xxx
DefaultSimultaneousUse 1
AccountingTable xxxxx
AuthSelect Select Time_Left from RADUSERS where User_Name='%n'
AuthColumnDef 0, Session-Timeout,reply
AcctSQLStatement Update RADUSERS set Time_Left=Time_Left -'%{Acct-Session-Time}' \
where User_Name='%n';
</AuthBy>
########################################################################
<AuthLog SQL>
Identifier REQUEST
DBSource dbi:mysql:xxxx:localhost
DBUsername xxxxxx
DBAuth xxxxxx
LogSuccess
SuccessQuery insert into RADAUTHLOG (TIME_STAMP,USERNAME,TYPE) values ('%l','%n',1)
LogFailure
FailureQuery insert into RADAUTHLOG (TIME_STAMP,USERNAME,TYPE,REASON) values ('%l','%n',0,%1)
</AuthLog>
#########################################################################
<Realm 1.1>
AuthByPolicy ContinueWhileAccept
PreAuthHook file:"/usr/local/adm/bin/filename.pl"
AuthBy CheckLDAP
AuthBy Block-Time-SQL
AuthLog REQUEST
MaxSessions 1
PostAuthHook file:"/usr/local/adm/bin/filename.pl"
SessionDatabase SQLDB
</Realm>
################################################################
<Realm 1.1.1>
AccountingHandled
AuthByPolicy ContinueWhileAccept
PreAuthHook file:"/usr/local/adm/bin/filename.pl"
AuthBy CheckLDAP
AuthBy Block-Time-SQL
PostAuthHook file:"/usr/local/adm/bin/filename.pl"
MaxSessions 1
SessionDatabase SQLDB
AcctLogFileName /var/radius/Acct
</Realm>
#######################################################################
<SessionDatabase SQL>
Identifier SQLDB
DBSource dbi:mysql:xxx:localhost
DBUsername xxxxx
DBAuth xxxxx
</SessionDatabase>
Jaskaran Singh
University Systems & Security
Fairleigh Dickinson University
Teaneck, NJ 07666