(RADIATOR) Problem with the username that is used for online confirmation

Hugh Irvine hugh at open.com.au
Thu Mar 30 13:11:04 CST 2006 

Hello Vangelis -

What version of Radiator are you running?

regards

Hugh


On 30 Mar 2006, at 21:56, Vangelis Kyriakakis wrote:

> Hello Hugh,
>
>      Thanks for the answer. The username that I want to get back is  
> the rewritten one, that is the one I allready store in the  
> RADONLINE. But What I get is the full original username. I guess  
> what you told me to do will give me the original username, or am I  
> wrong?
>
>            Regards
>                 Vangelis Kyriakakis
>
> Hugh Irvine wrote:
>
>>
>> Hello Vangelis -
>>
>> You must extend the RADONLINE table to include a field to contain  
>> the  original username and modify the AddQuery so it adds both  
>> the  rewritten username and the original username to the table.  
>> Then the  fifth field in the CountQuery must be the original  
>> username.
>>
>> hope that helps
>>
>> regards
>>
>> Hugh
>>
>>
>> On 30 Mar 2006, at 20:43, Vangelis Kyriakakis wrote:
>>
>>> Hello,
>>>
>>>     I see from the logfiles that Radiator always uses the whole   
>>> username that is being authenticated as the username that is  
>>> used  for online confirmation via SNMP.
>>>     The manual says in CountQuery "If a user name is present as  
>>> the  fifth field returned by the query, that is the user name  
>>> that will  be used to confirm the user is still on line.".
>>>     Using the following configuration:
>>>
>>> <Handler Client-Identifier=adsl>
>>>        RejectHasReason
>>>        RewriteUsername s/^([^@]+).*/$1/
>>>        AuthBy adsl
>>>        SessionDatabase Session-dsl
>>>        AuthLog logger
>>> </Handler>
>>>
>>> <SessionDatabase SQL>
>>>        Identifier Session-dsl
>>>        DBSource dbi:Sybase:RADIUS
>>>        DBUsername tacacs
>>>        DBAuth xxxxxxx
>>>        Timeout 5
>>>        FailureBackoffTime 5
>>>        AddQuery insert into netman..RADONLINE   
>>> (USERNAME,NASIDENTIFIER,NASPORT,\
>>>               ACCTSESSIONID,TIME_STAMP,FRAMEDIPADDRESS,NASPORTTYPE,\
>>>               SERVICETYPE) values ('%U','%N',0%{NAS-Port},'% 
>>> {Acct- Session-Id}',\
>>>               %{Timestamp},'%{Framed-IP-Address}','%{NAS-Port- 
>>> Type}',\
>>>               '%{Service-Type}')
>>>        DeleteQuery delete from netman..RADONLINE where   
>>> NASIDENTIFIER='%1' and NASPORT=0%2
>>>        ClearNasQuery delete from netman..RADONLINE where   
>>> NASIDENTIFIER='%N'
>>>        CountQuery select NASIDENTIFIER, NASPORT, hextoint  
>>> (ACCTSESSIONID), FRAMEDIPADDRESS, USERNAME from netman..RADONLINE wh
>>> ere USERNAME='%U'
>>> </SessionDatabase>
>>> If the user that is being authenticated is user at domain then   
>>> Radiator always uses user at domain as the username that is checked   
>>> against the snmpget result although the RADONLINE database keeps   
>>> only user in the USERNAME field.
>>>
>>>     Am I doing something wrong, or is this a bug?
>>>
>>>                   Regards
>>>                        Vangelis Kyriakakis
>>>
>>> -- 
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>
>>
>>
>> NB:
>>
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/ 
>> archives/ radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.


NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list