[RadiusNT Digest]

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Previous message: Dale E. Reed Jr.: "Re: Basic Radius Setup"
• Next message: Mohammed Ersan: "Cisco filters and IP Pool"

Message 2: Re: Login Limit
from "Dale E. Reed Jr." <daler@iea-software.com>

Message 3: Re: DB problems, again.
from "Dale E. Reed Jr." <daler@iea-software.com>

Message 4: Re: emerauth.dll not loading with Serv-U
from "Dale E. Reed Jr." <daler@iea-software.com>

Message 5: Re: SOLVED: Problems with Proxy from Service
from "Dale E. Reed Jr." <daler@iea-software.com>

Message 6: Unsubscribe
from "Peter A. Smirnoff" <peter@vicom.ru>

Message 7: Session-Timeout and Idle-Timeout
from William Siradas <bill@webt.com>

Message 8: Re: Session-Timeout and Idle-Timeout
from "Josh Hillman" <admin-maillist@talstar.com>

Message 9: Re: Session-Timeout and Idle-Timeout
from "Dale E. Reed Jr." <daler@iea-software.com>

Message 10: Re: Basic Radius Setup
from "Dale E. Reed Jr." <daler@iea-software.com>

..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 1 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Re: Concurrency Control
From: "Dale E. Reed Jr." <daler@iea-software.com>
Date: Tue, 21 Jul 1998 00:08:57 -0700

Tony Schwartz wrote:
>
> Does Concurrency control simply look at login id or passwd also??
>
> I ask because we have several users with same login id due to acquisitions
> we have done. RadiusNT is quite cool as it can handle multiples with same
> name as it checks the passwd also for match up.
>
> If we turn Conc Control on will we only have one instance of a userid at a
> time??

Yes. Concurrency control currently works via a username and will not
work correctly if you have more than one person with the name login.

-- Dale E. Reed Jr.  (daler@iea-software.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |   http://www.iea-software.com


..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 2                                                           |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: Login LimitFrom:    "Dale E. Reed Jr." <daler@iea-software.com>Date:    Tue, 21 Jul 1998 00:14:42 -0700

Greg Lowthian wrote:> > I have a customer that want's 6 logins with the same username and> password.> I have Concurrency Control and Variable Login Limits checked and> a login limit of 6.> On an Ascend 4004 we can only get 2 logins all others> authenticate and> login (looking at -x15) but are dropped with in 2 to 4 seconds> (nothing in -x15)> Any ideas?

I would guess you have Shared Profiles set to no in the MAX.  Unless thatis set to Yes, the MAX will reject additional logins of the same username.

-- Dale E. Reed Jr.  (daler@iea-software.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |   http://www.iea-software.com


..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 3                                                           |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: DB problems, again.From:    "Dale E. Reed Jr." <daler@iea-software.com>Date:    Tue, 21 Jul 1998 00:35:15 -0700

Reid Sutherland wrote:> > In the documentation it states that MasterAccounts has pretty much nothing> to do with anything except for if the user is active or not. But I found

Could you point me to where it says that?

> something fun today. MasterAccounts is checked for almost everything. In> other words, loginp, password, accounttype, and shell are all checked here.

No they are not.  MasterAccounts is one of many tables used in a cross tabquery.  Those fields are from the SubAccounts table, not the MasterAccountstable.

> Any reason for this not being in the docs?

Because its not correct?

> If I removed these fields I had to create from the Masteraccounts, Radius> will not auth the user.> > Here's a snipet I got from Radius in -x15 mode.> >  SQL Statement: Select DateDiff('n', Now, DateAdd('d', ma.Extension+1,> maExpireDate)), DateDiff('n', Now, DateAdd('d', ma.Extension+1,> maExpireDate)), sa.AccountID, sa.AccountType, sa.Password, sa.Login,> sa.Shell From MasterAccounts ma, SubAccounts sa  Where (sa.Login='fitzgewi'> or sa.Shell='fitzgewi') AND ma.CustomerID=sa.CustomerID and sa.Active<>0 and> ma.Active<>0

sa is an alias for the subaccounts table and ma is an alias for theMasterAccounts table.  Therefore, the fields used in the abovre are:

MasterAccounts		SubAccounts---------------------	------------------------Extension		AccountIDmaExpireDate		AccountTypeCustomerID		PasswordActive			Login			Shell			Active

I'm really not sure exactly what you think is wrong?

-- Dale E. Reed Jr.  (daler@iea-software.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |   http://www.iea-software.com


..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 4                                                           |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: emerauth.dll not loading with Serv-UFrom:    "Dale E. Reed Jr." <daler@iea-software.com>Date:    Tue, 21 Jul 1998 00:37:18 -0700

Josh Hillman wrote:> > > From: Bruno Tremblay <bruno@mustangtechno.com>> > I'm Using Radius v 2.5.124 Enterprise Edition With SQL.> >> > I installed emer_su.dll with Serv-U v2.3c build 11 and is working very> well.> >> > I tryed to install emerauth.dll with Serv-U v2.3c build 11 and I got that> > error : PROBLEM: Cannot find/load DLL c:\progra~1\serv-u\emerauth.dll> (can> > also happen if the DLL uses other DLLs which are not available).> > The DLL is in that directory, and the version of SERV-U is registered.> > Have you tried putting emerauth.dll in the Emerald directory?  If not, try> it out and remember to modify the serv-u.ini to>   [EXTERNAL]>   ClientCheckDLL1=c:\progra~1\emerald\emerauth.dll> > I'm still using emer_su.dll and that file is in my Emerald directory, so I> have no idea if my idea above will have any effect on your problem...

We have confirmed the problem with emerauth.dll not working correctly withServ-U and are working on it.  You should use the emer_su.dll until we release a new version of the EmerAuth.dll.

-- Dale E. Reed Jr.  (daler@iea-software.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |   http://www.iea-software.com


..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 5                                                           |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: SOLVED: Problems with Proxy from ServiceFrom:    "Dale E. Reed Jr." <daler@iea-software.com>Date:    Tue, 21 Jul 1998 00:41:57 -0700

iml@interconnect.net wrote:> > RFC what's that? hahah> > We are a big company we can make up our own standards.> > Seems lots of companies these days have that attitude.

Its just a sore spot for me.  I get sick of tired of multi-milliondollar companies who can read a RFC.  Geeze, its like how many engineersto does it take to read an RFC? > On Sun, 19 Jul 1998 23:44:37 -0700, you wrote:> > >Tony Schwartz wrote:> >>> >> Sorry...  A great case of RTFM...> >>> >> I had to set malformed to on.  A little more reading always helps.> >> >So, we have Merit, Cisco, USR, and Livingston all sending malformed> >packets.  Is there ANYONE who can read an RFC and implement it> >correctly.  Man that is just downright depressing! :(

-- Dale E. Reed Jr.  (daler@iea-software.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |   http://www.iea-software.com


..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 6                                                           |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: UnsubscribeFrom:    "Peter A. Smirnoff" <peter@vicom.ru>Date:    Tue, 21 Jul 1998 13:13:27 +0400

Unsubscribe




..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 7                                                           |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Session-Timeout and Idle-TimeoutFrom:    William Siradas <bill@webt.com>Date:    Tue, 21 Jul 1998 16:26:06 -0400

I'm wondering if these values should be entered in seconds or minuets orhours????   can anyone clear this up for me ? thanks.   



--------------------------------------------------------


William Siradas (wsiradas@webt.com)Technical SupportWeb Technologies




..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 8                                                           |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: Session-Timeout and Idle-TimeoutFrom:    "Josh Hillman" <admin-maillist@talstar.com>Date:    Tue, 21 Jul 1998 17:12:51 -0400

> From: William Siradas <bill@webt.com>> I'm wondering if these values should be entered in seconds or minuets or> hours????   can anyone clear this up for me ? thanks.   

I don't know what type of NASes you have, but our Ascend units use seconds.

Josh Hillmanhillman@talstar.com



..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 9                                                           |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: Session-Timeout and Idle-TimeoutFrom:    "Dale E. Reed Jr." <daler@iea-software.com>Date:    Tue, 21 Jul 1998 15:53:40 -0700

William Siradas wrote:> > I'm wondering if these values should be entered in seconds or minuets or> hours????   can anyone clear this up for me ? thanks.

All time values in RADIUS itself are in seconds.  The TimeLeft fieldin the SubAccounts table is in minutes, though.

-- Dale E. Reed Jr.  (daler@iea-software.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |   http://www.iea-software.com


..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 10                                                          |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: Basic Radius SetupFrom:    "Dale E. Reed Jr." <daler@iea-software.com>Date:    Tue, 21 Jul 1998 23:38:08 -0700

rabaut wrote:> > To setup an account so a user can only login once, I need to set up the> SubAccounts LoginLimit = 1 ...  What else do I need to set?? and where??

You need to have the callsonline working and Concurrency control enabledin the RadiusNT admin. > Is the CallsOnline just info from the Servers and ServerPorts tables?  If> so, i don't seem to be collecting any info there...

Do you have manual calls update enabled in the RadiusNT admin? > To get the StartTime/StopTime working, do I need to manually populate the> entire ServerAccess table?

Yes. > Do I copy the ServerID from the Servers table and the Port from the> ServerPorts table for the ServerAccess table?

Yes.  I believe the ServerPorts can be NULL to specify all ports for theserver (and reduce the number of records required). > Can I assume that the start and stop times are based on the account types> and not on the user??

Yes. > Can I make up a special account type and then assign unique start and stop> times??

Yes. 
-- Dale E. Reed Jr.  (daler@iea-software.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |   http://www.iea-software.com






 Previous message: Dale E. Reed Jr.: "Re: Basic Radius Setup"

 Next message: Mohammed Ersan: "Cisco filters and IP Pool"