Radius server (not elektron!) interacting with mysql DB and LDAP

I am installing a service that requires a radius server. I have tried to build and install freeradius from source, as well as used the installer packages that are out there. None of them include support for mysql. As soon as you turn on sql in the radiusd.conf you get an error like this:
rlm_sql: Could not link driver rlmsqlmysql: file not found
Similar to the problem described here:
http://www.freeradius.org/faq/#4.14
Except that I get an error saying that rlmsqlmysql.a is an invalid image. The file exists and freeradius sees it and can find it, it's just not usable by freeradius. Like I said I have tried building this from the latest cvs source, and finally got it to build completely fine, and even except connections.
I just need it to authenticate to mysql now.
Anybody have any pointers. I have tried some of the suggestions on the freeradius faq, but I think what I am encountering is an issue specific to os x tiger. I have even tried to install using darwinports, but the installation fails.
The system I am trying to install this on is running 10.4.2 (I am apprehensive about updating the system, because of issues with mysql being hosed.)
If anyone thinks or knows that 10.4.2 has specific issues as to why it cannot be installed on 10.4.2 I may need to look into doing a backup and then upgrade of the server, and attempt freeradius install on 10.4.7.
Thanks in advance for any and all help!

Big help you OS Xers are. J/P!
Since this place is supposed to be about education, let's educate!
I ended up installing OpenRadius and using RADsql (it comes with openradius). It's a bit finicky, but in the end it seems to be working. You also have to install Perl DBI, and Perl DBD Mysql, all of which I installed using darwing ports (also btw, you are better off getting the darwin/macports source and compiling it yourself, rather than using the DMG installer) If you are paranoid about using terminal there is an app out their called PORT AUTHORITY which is basically a gui front end to install darwinport apps.
You may have to do a little searching, but the key is getting the behaviour file and the config file correct, I found examples of the two I needed here:
http://www.mirrors.wiretapped.net/security/authentication/radius/openradius/exam ples/0.9.10/
I am attempting to also have openradius look at ldap if it can't auth to sql, I think this is possible, since it seemed to be in freeradius. So that our users don't need to choose a seperate auth protocol.
I hope at least part of what I have to say will help someone out there, I will update this as I find out more. Right now I can only auth via clear-password, which is not really much of an issue, since this will all be LAN and WAN behind a firewall. But it would be nice if it was at least MD5 which openradius is supposed to support.

Similar Messages

  • 'Element is currently not visible and so may not be interacted with' when using Firefox.

    .

    Hi MonsoonMally,
    Thank you for posting in MSDN forum.
    >>'Element is currently not visible and so may not be interacted with', when playing back a CodedUI capture for a particular button selection function (captured in IE) and played back in Firefox.
    Based on your issue, I suggest you can try to use the
    DrawHighlight Method /SetFocus() to check if the correct control is found before you perform actions on the target control.
    If the above suggestion could not help you, since this cross browser testing is involved to the Extensions tool
    Selenium components for Coded UI Cross Browser Testing, this extension tool is
    out of support range of this forum.
    In order to resolve your issue better, I suggest you post this issue
    here, click “Q AND A”, you will get better support there.
    Thanks for your understanding.
    Best Regards,
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click
    HERE to participate the survey.

  • Existing Apple ID is not longer working with Face Time and Message on the iPhone after iOS 6

    After the IOS 6 update on my iPhone the Apple ID is not longer working with Face Time and Message. Each time I try to log in I receive the message that the password or the user is not right. But they are, because on all other devices and all other parts of the iPhone (iCloud, AppStore, iTunes) they are working. Other Apple IDs are working fine.
    What's wrong? Any idea?
    Thanks

    Blue
    It sounds like you restored from an old back-up.  Did you back-up just before your software update?  It will use your last one and if your last back-up was a ywear old then it will use that one.
    In general, if you are getting these messages on your iPhones select logout (when you get that Apple Id request) and then log back in with your newer ID.
    Sorry for your losses.
    Cheers

  • The Battery in my laptop has been replaced twice and this is the third time the battery has swollen up. Since the first time it was swollen I have asked the reason but Apple has not come up with a reason and just replaced it. Second time also the ser

    The Battery in my laptop has been replaced twice and this is the third time the battery has swollen up.
    Since the first time it was swollen I have asked the reason but Apple has not come up with a reason and just replaced it.
    Second time also the service centre replaced the battery but were unable to give me a reason.
    I had asked them to replace the laptop as this has been happening repeatedly and seems to be something with the laptop
    otherwise why should every battery they put swell ?
    This is the third time this has happened. And now they refuse to replace the battery or the laptop also.
    What is the solution?

    Make an appointment at the Genius Bar of an Apple store and press the problem. Elevate to store manager if necessary. Maybe the charging circuits are defective resulting in overcharging which is causing the battery problem.
      Apple Retail Store - Genius Bar

  • Why is photostream not working together with my macbook and iphone?

    Photostream is not working togther with my macbook and iphone. How can I sync it?

    Has it ever worked?
    If you recently turned on photo stream on the mac and iphone, then (on the iphone) only new photos are included in photo stream, old ones are not.
    But syncing to your mac (if the photos originate from the iphone) is critical.  That's how you store photos (they can easily disappear on the iphone due to many "issues" that can occur, and relying on an icloud backup is not safe - to many users have lost some/all their photos when doing a restore.
    So be sure to begin by doing a sync to the mac using itunes/iphoto with a USB cable. 

  • T400 does not start up with a battery and AC, but starts up with only AC.

    I bought T400, 7417-CTO in Jan 2010. My T400 does not start up with a battery and AC power. I tried to start with only AC power after pulling out the battery, it worked fine. Even when I inserted the battery in T400, which was running perfectly with AC only, T400 seems to lose the power - more strictly speaking, it kept stoping and re-running several times, and finally it dead.
    a few possibilities
    1) a battery is dead - but it does not explain the failure with both AC and battery
    2) some hibernation issue - I plugged in and out the DIMM, and clock battery. I tried to keep pushing the power button trick, but it didn't work
    3) Mother board failure??
    I really appreciate if you give me some advice on it.
    Wanyong

    Thanks for all your kind and helpful comments.
    Unfortunately, I don't have any friends who have Lenovo - or I don't have many friends here since I moved in the last summer. ;-)
    After purchasing a new battery, I will update it. Hope that this thread helps someone who had/will have same prob. as mine.
    -WS

  • BAPI "BAPI_POSRVAPS_GETLIST2" not extracting Orders with category BC and BD

    Hi,
    I am using a BAPI  "BAPI_POSRVAPS_GETLIST2"  to extract the receipts and requirement elements from live cache, however I found that this BAPI does not extract orders with category BC and BD (Stock transfer reservation).
    Can you kindly let me know whether this is correct ? BC and BD does not fall in receipt or requirement category ?
    If yes then which BAPI should I use to extract orders with BC and BD category ?
    Thanks & Regards,
    Rohit

    Hi Rohit,
      The categories BC & BD are coming under reciepts & requirements only and i guess should be retrived by standard BAPI.
    Please try using BAPI BAPI_POSRVAPS_GETLIST3.
    and also mention correct 'locationproducts' as mentioned in the below thread.
    Purchase order data for ATP category BH and BI not retrieved
    Initially plese try to retrieve the details by 'Order number' to make sure the BAPI is working fine. Later you can do it by locproducts and ATP category.
    Hope it helps.
    Regards,
    Deepthi

  • HT201413 I can sync my contacts but not my calender with iphone 4 and outlook 2007 for windows XP. It was working OK up to a month ago

    I can sync my contacts but not my calender with iphone 4 and outlook 2007 for windows XP. It was working OK up to a month ago

    I found this link:
    http://xlii.be/2011/10/how-to-get-icloud-windows-xp-and-outlook-to-work-together /
    Hope it helps some other noobies like myself.

  • How can I make my Apple tv remote stop interacting with my MacBook and my iMac? Everytime I press the reote, the sound will go up or down on my computers or they will wake up.

    How can I make my Apple tv remote stop interacting with my MacBook and my iMac? Everytime I press the reote, the sound will go up or down on my computers or they will wake up.

    Welcome to the Apple community.
    If you don't want to use a remote with your computer the easiest thing to do is just to turn the IR off. (System Preferences/Security/General)
    If you still want to use your computer remote then you must pair your computers remote with the computer AND the Apple TV remote with the Apple TV.
    To pair a remote with a device hold down the menu and FF buttons together for six seconds or until you see a chain icon on screen (best take the computer into another room, or turn it off, when you do this)

  • I bought a second hand Macbook Pro and colorful stud Only after a few months I decided to reformat it Bad movie started here I did not get it with a disc and I come to install the operating system And he asks the name of Apple's user ID financed had been

    I bought a second hand Macbook Pro and colorful stud
    Only after a few months I decided to reformat it
    Bad movie started here I did not get it with a disc and I come to install the operating system
    And he asks the name of Apple's user ID financed had been bought Lion OS Now
       And who sold me does not answer then I found the phone number of his mother
    She said he lived in USA and paid him more than the lion version of the MacBook and now I can not install Lion
    And I'm not from USA

    Unless you go back to the original owner, yes you need to pay for it again.
    You're entitled to the OS that shipped with the device from Apple, but if you don't have that media there's nothing you can really do.  If the system originally shipped with 10.7 or 10.8 then when you boot it to Internet Recovery, it will automatically offer you that OS version (as the serial # is registered with Apple).  If it shipped with an older OS, then you need to enter the Apple ID that purchased 10.7 or 10.8.  You didn't purchase it so that's not you.
    The options you have are to buy Lion for $29 US (I don't know the price in Palestine), or Mountain Lion for $19 US (don't know the price in Palestine either), and install from scratch.
    And it's a good idea to know you have restore media before you reformat your machine.

  • Radius server not returning Filter-id information to access device

    I have set up a Radius server (v. 4.15 16 april 2003) on NW65sp2 server
    and I'm trying to use it to authenticate to a Watchguard Firebox II
    firewall. The authentication functions but apparently the firewall is
    not getting (or not parsing) the Filter-Id information to assign access
    rights via groups. When I login to the firewall with "user1", the
    response is "Authenticationsucceeded, but no access grantedfor user". If
    I define "user1" on the firewall and assign it to an access policy, then
    everything works. But if I define an access group "group1" and assign
    it to an access policy on the firewall and then assign "group1" to the
    eDir Access Profile object that is assigned to "user1", (Filter-Id =
    group1) I get the above authentication succesful, but no access granted.
    Is there a way to identify exactly what information is being sent from
    the Radius server to the access device so I can determine if the problem
    is on the Novell Radius server side or the Watchguard Firewall side?
    I've activated the Radius Debug Log, but that only tells me that it
    finds all the relevant objects in eDirectory and that authentication is
    successfull, but there is no indication that any other information is
    being sent to the access device.
    As I understand it, the filer-id's are supposed to allow a link between
    the eDir user objects and what access rights are allowed on the access
    device (firewall). Essentially this is how I define group memberships on
    the firewall using eDir user. Is this assumption correct?
    The goal of course is to allow access over the firewall without having
    to type in 500 user names on the firewall.
    Any ideas or tips on what I could check or configure differently would
    be helpful. thanks
    bill reading

    thanks for the feedback. I will take a look at the thread you mentioned
    and I'll get back to you with the trace as soon as I can arrange it.
    Scott Kiester wrote:
    > There is a thread titled "RADIUS Group with VASCO Digipass" in this group
    > from November where someone else was trying to use the filter-Id attribute
    > with their firewall. The customer was able to get this attribute to working
    > after tweaking his RADIUS configuration.
    >
    > Your understanding of the filter-Id attribute is correct. Either the RADIUS
    > server is not sending this attribute for some reason, or something on your
    > firewall has been misconfigured. A good starting point would be to take a
    > sniffer trace to see if the filter-Id attribute is in the access-request
    > packet. (You can use Ethereal, which is a free download from
    > www.ethereal.com, for the trace.) Post the trace here or send it to me at
    > [email protected] and I'll take a look at it.
    >
    >
    >>>>bill reading<[email protected]> 12/07/04 8:36 AM >>>
    >
    > I have set up a Radius server (v. 4.15 16 april 2003) on NW65sp2 server
    > and I'm trying to use it to authenticate to a Watchguard Firebox II
    > firewall. The authentication functions but apparently the firewall is
    > not getting (or not parsing) the Filter-Id information to assign access
    > rights via groups. When I login to the firewall with "user1", the
    > response is "Authenticationsucceeded, but no access grantedfor user". If
    > I define "user1" on the firewall and assign it to an access policy, then
    > everything works. But if I define an access group "group1" and assign
    > it to an access policy on the firewall and then assign "group1" to the
    > eDir Access Profile object that is assigned to "user1", (Filter-Id =
    > group1) I get the above authentication succesful, but no access granted.
    > Is there a way to identify exactly what information is being sent from
    > the Radius server to the access device so I can determine if the problem
    > is on the Novell Radius server side or the Watchguard Firewall side?
    > I've activated the Radius Debug Log, but that only tells me that it
    > finds all the relevant objects in eDirectory and that authentication is
    > successfull, but there is no indication that any other information is
    > being sent to the access device.
    >
    > As I understand it, the filer-id's are supposed to allow a link between
    > the eDir user objects and what access rights are allowed on the access
    > device (firewall). Essentially this is how I define group memberships on
    > the firewall using eDir user. Is this assumption correct?
    >
    > The goal of course is to allow access over the firewall without having
    > to type in 500 user names on the firewall.
    >
    > Any ideas or tips on what I could check or configure differently would
    > be helpful. thanks
    >
    > bill reading
    >
    >

  • OTP of ASDM using external radius server ( Not RSA )

    Hello,
    Just seeing if the ASDM will support OTP using an external radius server, and not RSA.  I see there was a feature added to 8.2 that states its possible with RSA, but nothing of any other support.  Just checking to see if someone know for sure.
    Thanks,
    Jason

    I did see in the Release notes for ASDM 6.2, that SDI is support with RSA.  Can anyone confirm or not if it works with Radius too ( OTP ).
    http://www.cisco.com/en/US/docs/security/asdm/6_2/release/notes/asdmrn62.html

  • Printer hp officeject 7700 is not interacting with the wifi and printing

    My hp officejet 7700 printer is not interacting with my mac/wifi.  

    Don't use the disc, it is likely out of date.  Download and install the latest software for your printer from the "Support & Drivers" link at the top of this page.
    Say thanks by clicking "Kudos" "thumbs up" in the post that helped you.
    I am employed by HP

  • Desktops get "Server Not Found" errors with WRT160N

    I'm sharing my WRT160N with 2 laptops and 3 desktops. My laptops connect to the internet ok... drops now and then tho... but my desktops frequently get a "Server Not Found" error. After repeated "try again" clicks, it eventually connects again. Any ideas??

    Try this ;
    Open an Internet Explorer browser page on your wired computer(desktop).In the address bar type - 192.168.1.1 and press Enter...Leave Username blank & in Password use admin in lower case...
    Under the Setup Tab...reduce the MTU value to 1300 and save settings.
    Also reduce the card speed of the dekstop... (assuming it is window XP)..Click on the Start button >>> Control Panel >> Network Connections >> Right click on the ""Local Area Connection"" icon and select properties-Here click on the "Configure" button- Click on the "Advanced" tab- In the "Property" box highlight Link speed and duplex/Connection type/Network or Media type- And in the "Value" box select 10 Mbps half duplex/ 10 base T/10 base half mode and click on OK..  Now restart the computer.

  • ITunes stop interacting with Windows - freezing and needs to be closed down

    The error message is:
    Description
    A problem caused this program to stop interacting with Windows.
    Problem signature
    Problem Event Name: AppHangB1
    Application Name: iTunes.exe
    Application Version: 7.6.2.9
    Application Timestamp: 47efc82f
    Hang Signature: be74
    Hang Type: 2048
    OS Version: 6.0.6000.2.0.0.768.3
    Locale ID: 2057
    Additional Hang Signature 1: a0420be4721928d727f0b2310ff4d529
    Additional Hang Signature 2: 1d7a
    Additional Hang Signature 3: 0b213c2405a8cd0063d8574c3ac4ec87
    Additional Hang Signature 4: be74
    Additional Hang Signature 5: a0420be4721928d727f0b2310ff4d529
    Additional Hang Signature 6: 1d7a
    Additional Hang Signature 7: 0b213c2405a8cd0063d8574c3ac4ec87

    A possible cause is security software (firewall) that blocks or restricts Firefox or the plugin-container process without informing you, possibly after detecting changes (update) to the Firefox program.
    Remove all rules for Firefox from the permissions list in the firewall and let your firewall ask again for permission to get full unrestricted access to internet for Firefox and the plugin-container process and the updater process.
    See:
    *https://support.mozilla.com/kb/Server+not+found
    *https://support.mozilla.com/kb/Firewalls

Maybe you are looking for