(RADIATOR) SQL logging and User-Name

Hugh Irvine hugh at open.com.au
Tue May 22 18:18:24 CDT 2007


Hello Wyman -

You should use something like this:


	AcctColumnDef USERNAME, %w, formatted


You will also need to check a trace 4 debug to see exactly what is in  
the User-Name attribute when the accounting requests are received.

See sections 5.2 and 5.29.14 in the Radiator 3.17.1 reference manual  
("doc/ref.html").

regards

Hugh



On 23 May 2007, at 00:46, Wyman Miles wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I'm trying to get a clean username logged out of accounting  
> records, but
> having a little trouble.  We've got a variety of NAS contributing  
> to this
> - -- 3Com ARC, Cisco ASA5500, and Siemens HiPath.
>
> Pertinent config looks like:
>
> <AuthBy SQL>
> 	Identifier SQLAccounting
> 	AuthSelect
> 	DBSource ...	
> 	DBUsername ...
> 	DBAuth ...
> 	HandleAcctStatusTypes Start,Stop
> 	AcctFailedLogFileName %L/sqlacct.misfires
> 	AccountingTable radacct
> 	AcctColumnDef USERNAME,User-Name
> 	AcctColumnDef REALM,%W
> 	...
> </AuthBy>
>
> In the above config, I'll get "wm63 at CIT.VPN"
>
> I've been through various flavors of "%u" "%U" and "%w".  For some
> combination of NAS and User-Name sent, I'll get empty values in the  
> table.
>
> What's the magic syntax to get the username as sent in the initial  
> packet,
> minus the realm, reliably?
>
> Thanks!
>
>
> Wyman Miles
> Senior Security Engineer
> Cornell University, Ithaca, NY
> (607) 255-8421
> -----BEGIN PGP SIGNATURE-----
> Version: Mulberry PGP Plugin v3.0
> Comment: processed by Mulberry PGP Plugin
>
> iQA/AwUBRlMCSMRE6QfTb3V0EQKoNQCfYN/c9YQzULdSd+4Es+Zo09evN9IAn1C9
> KVBvvd9fEcMvW3OyhWwKwLSC
> =WYGW
> -----END PGP SIGNATURE-----
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list