Imported users and radius

Home Page Forums Network Management ZeroShell Imported users and radius

This topic contains 4 replies, has 0 voices, and was last updated by  calman 10 years, 5 months ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #41411

    calman
    Member

    Hi, I’m a teacher, and i wish create a students’s hotspot.

    Is possible to use the zeroshell’s radius to validate mikrotik hotspot users? If these they have been imported from a ldif file ? (about 600 users)

    Thanks
    Jordi

    #47435

    imported_fulvio
    Participant

    Yes, the RADIUS server of Zeroshell (FreeRadius) can be used to authenticate Mikrotik users, but to import the LDIP files you should know the clear-text password.

    Regards
    Fulvio

    #47436

    calman
    Member

    is possible uncoment the lines in radius.conf and use local linux users?

    # passwd = /etc/passwd
    # shadow = /etc/shadow
    # group = /etc/group
    Thanks
    Jordi

    #47437

    calman
    Member

    Hello, we imported the users in clear-text password
    The mikrotik hotspot shows “invalid username or password” and the radius logs shows these logs lines. The user “prova” is created from zeroshell user add and it works ok

    22:15:38 Login incorrect (rlm_ldap: User not found): [malaman1] (from client mk1 port 2159017989 cli 00:1C:BF:91:C0:7B)
    22:16:33 Login OK: [prova] (from client mk1 port 2159017991 cli 00:1C:BF:91:C0:7B)

    here there is an ldif example

    dn: uid=malaman1,ou=People,dc=dominio,dc=com
    uid: malaman1
    cn: de lospalotes
    roomNumber: pepito
    givenName: de
    sn: lospalotes
    mail: malaman1@dominio.com
    objectClass: person
    objectClass: organizationalPerson
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: top
    objectClass: shadowAccount
    userPassword: capullos
    shadowLastChange: 14144
    loginShell: /bin/ssh
    uidNumber: 510
    gidNumber: 504
    homeDirectory: /home/alumnes/malaman1
    gecos: pepito de, lospalotes

    Thanks a lot
    Calman

    #47438

    imported_fulvio
    Participant

    The authentication is based on Kerberos5 and not on the userPassword LDAP attribute. The easier solution is to use the cpw script to set the password. For example to set the fulvio’s password to “fulviopassword” use the following command:

    /root/kerbynet.cgi/scripts/cpw fulvio “” “fulviopassword” NOCHECKPW

    Now, you just have to write a script that automatically extracts usernames and passwords from the LDIF file and calls the cpw command.

    Regards
    Fulvio

    #47439

    calman
    Member

    thanks fluvio we work on it and we’ll post the results

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.