'Re: sql ldap simultaneous-use'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: sql ldap simultaneous-use
From:       mcury via Freeradius-Users <freeradius-users () lists ! freeradius ! org>
Date:       2022-12-23 19:58:51
Message-ID: X6GVSLLxthUU0G4kQWhbmvl8P0Mo8-7xTJdeM-b6f-LzeVb3WuyCUQbgv8xqhG6mJG533O0a5H2SEVkQ-6FH5R8cUKZrOQqV7OjgEL6VnTY= () protonmail ! com
[Download RAW message or body]

I really appreciate your help. Its working now :)

(94)   Reply-Message := "You are already logged in - access denied"
(94) eap_peap: Got tunneled reply code 3
(94) eap_peap:   Reply-Message := "You are already logged in - access denied"
(94) eap_peap: Got tunneled reply RADIUS code 3
(94) eap_peap:   Reply-Message := "You are already logged in - access denied"
(94) eap_peap: Tunneled authentication was rejected
(94) eap_peap: FAILURE
(94) eap: Sending EAP Request (code 1) ID 246 length 46
(94) eap: EAP session adding &reply:State = 0xe567fa8aec91e376
(94)     [eap] = handled

> You just do:
> 
> control:Simultaneous-Use += radiusSimultaneousUse

I was so close ehhe

Thank you so much, and happy holidays :)
Best regards, Marcelo.

------- Original Message -------
On Friday, December 23rd, 2022 at 16:27, Alan DeKok <aland@deployingradius.com> \
wrote:


> On Dec 23, 2022, at 1:32 PM, mcury via Freeradius-Users \
> freeradius-users@lists.freeradius.org wrote: 
> > Hi, I'm new to freeradius, currently trying to enforce simultaneous-use = 1 in my \
> > wireless network but it is not working. unifi access point > freeradius > \
> >                 samba-ad-dc
> > ...
> > I'm using LDAP for authentication through post-auth section in \
> > sites-available/default file using Unlang and its working perfectly.
> 
> 
> OK, that's good.
> 
> > (11) if (LDAP-Group == "wifi_users" && NAS-IP-Address == "172.16.200.3") -> TRUE
> > (11) if (LDAP-Group == "wifi_users" && NAS-IP-Address == "172.16.200.3") {
> > (11) update {
> > (11) control:Simultaneous-Use := 1
> 
> 
> That sets Simultaneous-Use as necessary.
> 
> > (11) reply:Class := 0x776966695f7573657273
> > (11) } # update = noop
> > (11) [noop] = noop
> > (11) } # if (LDAP-Group == "wifi_users" && NAS-IP-Address == "172.16.200.3") = \
> > noop (11) ... skipping elsif: Preceding "if" was taken
> > (11) } # post-auth = ok
> > (11) Sent Access-Accept Id 77 from 192.168.255.241:1812 to 172.16.200.3:38173 \
> > length 187 
> > LDAP attribute map as per below:
> > mods-available/ldap:
> > update {
> > ...
> > control:Simultaneous-Use += 'radiusSimultaneousUse = 1'
> 
> 
> What is that?
> 
> You don't set values in the ldap module configuration. You just do:
> 
> control:Simultaneous-Use += radiusSimultaneousUse
> 
> > sql is included inside session { section as per documentation.
> > 
> > Any tips, perhaps I forgot something?
> 
> 
> Read the debug output to see what's going on. It prints out everything it does, and \
> why a user is allowed (or not) on the network. 
> Alan DeKok.
> 
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic