RE: Blank's in Usernames

Jason Hodges (jason.hodges@sprint.com.au)
Tue, 1 Jul 1997 10:13:56 +1000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: MegaZone: "missing Acct-Output-Octets (fwd)"
Previous message: Robert Hiltibidal: "Re: Portmaster RADIUS Users Digest V97 #144"

We've seen this to be more of a problem when running seperate radius
authentication and accounting servers. Our authentication process looks
in the UNIX passwd files for username/password. Again, if for example a
customer logs on as 'sam king' , it authenitcates him to the account
'sam' but the accounting record is sent as 'sam king'.. It's not so much
of a problem but it sure slows down our accounting process as we have to
use LIKE in an SQL query which really slows things down a bit :(.

>----------
>From: Dietmar Stommel[SMTP:dstommel@netcologne.de]
>Sent: Monday, June 30, 1997 9:37 PM
>To: portmaster-radius@livingston.com
>Subject: Blank's in Usernames
>
>Hey,
>
>my radiusd look's in /etc/passwd ,/etc/shadow for Username/Password.
>
>When i dial in with my real username plus blank's plus a string, and the
>correct password, i get full access. But with the wrong username.
>
>Example:
>
>Username in /etc/passwd: "test01"
>
>Dial in with Username: "test01 123"
>
>It looks like, radiusd usr only the first part of the username for the
>check !
>
>Is this a bug ?
>
>
>Gruss
>
>Dietmar Stommel
>
> __o
>NetCologne GmbH _`\<,_
>Phone +49 221 95474 246 Maarweg 163 (_)/ (_)
>Fax +49 221 95474 290 50825 Koeln ~~~~~~~~~~~~
>eMail dstommel@netcologne.de http://www.netcologne.de
>
>
>

Next message: MegaZone: "missing Acct-Output-Octets (fwd)"
Previous message: Robert Hiltibidal: "Re: Portmaster RADIUS Users Digest V97 #144"