AW: Re: Re: Re: 'privacyIDEA request failed: 500 INTERNAL SERVER ERROR' - FreeRadius

Hi Tony,
Glad to hear this.It is great if you can write down some notes which might help others.
Please either send a link or we can publish the information with privacyidea.
Thanks a lot and kind regards Cornelius

Cornelius KölbelCornelius.koelbel@netknights.it+49 151 2960 1417
NetKnights GmbHhttp://netknights.itLandgraf-Karl-Str. 19, 34131 Kassel, GermanyTel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405Geschäftsführer: Cornelius Kölbel-------- Ursprüngliche Nachricht --------
Von: Tony Hawker lil.tud@gmail.com
Datum: 23.10.2015 05:26 (GMT+01:00)
An: privacyidea privacyidea@googlegroups.com
Betreff: Re: Re: Re: ‘privacyIDEA request failed: 500 INTERNAL SERVER ERROR’ - FreeRadius

Hi Corneliuswe have now resolved this issue, it turned out to be an issue with the VPN community on the firewall, once resolved everything started working, its odd that the other auth server was working at all once seeing the issue
Thanks for your support on this, I may put up some basic how-to’s on the checkpoint implementation that can compliment the guides that are already available in the next few days
Cheers

On Thursday, 22 October 2015 22:56:13 UTC+11, Tony Hawker wrote:Thanks CorneliusYes that file exists, seems to be a default file, with allot of ## out bits but no entriesI entered the settings as specifed but still get errors when starting

/etc/raddb/mods-config/files/authorize[221]: Parse error (check) for entry authorize: Invalid attribute nameFailed reading /etc/raddb/mods-config/files/authorize/etc/raddb/mods-enabled/files[9]: Instantiation failed for module “files”

On Thursday, 22 October 2015 22:50:13 UTC+11, Cornelinux K wrote:Hi Tony,

I forgot that you are running on CentOS 7 with FR3.

Did you have a file /etc/raddb/users at all?

In the config you have a

authorize {

update control {

  Auth-Type := Perl

}

}

Which sets the Auth-Type -> Perl for all users.

So in this case you might need to add it like this:

authorize {

update control {

  Auth-Type := Perl

  Class := AVP

}

}

I have not FreeRADIUS 3 at hand to test this…

Kind regards

Cornelius

Am Donnerstag, den 22.10.2015, 09:41 +0200 schrieb Cornelius Kölbel:

Hi Tony,

you can edit your file /etc/freeradius/users like this:

DEFAULT Auth-Type := Perl

    Class = YOUR_GROUP_EXPECTED_BY_CHECKPOINT

This way each user will be authenticated against the perl module a.k.a.

privacyIDEA and put into the the corresponding group.

Or: You can add the Class AVP that is expected by your checkpoint.

Please note: In the radius request the CLass is hex encoded. In the

users config file you need to enter a normal ascii string.

Kind regards

Cornelius

Am Donnerstag, den 22.10.2015, 09:23 +0200 schrieb Cornelius Kölbel:

Hi Tony,

the Attribute Value Pair Class 25 usually seems to expect some

attribute, which the firewall uses to authorize the access or put the

user of this request in some control group.

So the question is: Do you have another RADIUS server running at the

moment and how do the requests look like there?

I assume we have to add an attribute of class 25 with the correct value,

that is expected by your checkpoint configuration.

http://tools.ietf.org/html/rfc2865#section-5.25

And additionally I assume, that the existing attributes did not make the

response fail, but the missing class-25-attribute.

This attribute is usually used for group information.

(http://freeradius.1045715.n5.nabble.com/Reply-with-group-attribute-td2781054.html)

So I guess we need to look an the freeradius side (independent on the

privacyIDEA plugin).

We need to investigate

  • the successful RADIUS REQUEST with your existing RADIUS server
  • the successful RADIUS RESPONSE with your existing RADIUS server

and then configure FreeRADIUS accordingly.

I will try to help you with that.

But maybe at a certain point we might also need to take this to the

freeradius list.

Kind regards

COrnelius

Am Mittwoch, den 21.10.2015, 23:52 -0700 schrieb Tony Hawker:

Thanks Cornelius

this script still doesn’t seem to solve the problem, checkpoint still

doesn’t like the Access-Accept packets for some reason

I’ve had the checkpoint talking to freeradius in the past, so it can

work, but just doesn’t see these accept packets for some reason

On Thursday, 22 October 2015 17:44:43 UTC+11, Cornelinux K wrote:

    Hi Tony, 
    here is a slightly modified script, that does not add any
    additional 
    AVPs into the reply. 
    It only returns ACCESS_ACCEPT or ACCESS_REJECT. 
    This script replaces the existing one. 
    Please restart freeradius and check if checkpoint likes it. 
    Kind regards 
    COrnelius 
    Am Mittwoch, den 21.10.2015, 23:35 -0700 schrieb Tony Hawker: 
    > Hi Cornelius 
    > Thanks for this info 
    > where do i remove that line from? I'm not familiar with this
    process? 
    > do i need to change a config file? or change some source
    code and 
    > recompile? 
    > I believe if i could change the message on that line that
    could also 
    > possible help 
    > 
    > 
    > Cheers 
    > 
    > On Thursday, 22 October 2015 17:27:55 UTC+11, Cornelinux K wrote: 
    >         Hello Tony, 
    >         
    >         at the moment there is no way to configure the reply
    message. 
    >         
    >         You can remove the RAD_REPLY in the privacyidea perl
    module. 
    >
    https://github.com/privacyidea/privacyidea/blob/master/authmodules/FreeRADIUS/privacyidea_radius.pm#L335 
    >         
    >         Thus this information will not be added to the
    reply. 
    >         If this succeeds, please drop me a note or open an
    issue at 
    >         github. 
    >         We can then make the reply configurable. 
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         
    >         Am Mittwoch, den 21.10.2015, 17:54 -0700 schrieb
    Tony Hawker: 
    >         > Hi Cornelius 
    >         > Thanks for your help, I almost have this working
    now, i 
    >         played around 
    >         > allot, but i think that ticking the "use @ to
    separate user 
    >         and realm" 
    >         > has allowed the radius to pass though the details
    correctly 
    >         > 
    >         > 
    >         > I have managed to have my radius client
    authenticate, and it 
    >         seems to 
    >         > be sending back the reply message "privacy IDEA
    access 
    >         granted" to my 
    >         > firewalls (I am tying to authenticate VPN users) 
    >         > 
    >         > 
    >         > I believe the firewall does not like the response
    message, I 
    >         am 
    >         > possibly getting a similar issue described here: 
    >         > 
    >
    https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk107638 
    >         > 
    >         > 
    >         > I have also attached a screen shot of how the
    packet looks 
    >         from 
    >         > privacy idea, do you think that because the reply
    packet is 
    >         slightly 
    >         > different it could be causing this problem? 
    >         > is t possible to change the privacy idea radius
    accept 
    >         packet too 
    >         > something generic? 
    >         > 
    >         > 
    >         > Cheers 
    >         > 
    >         > On Wednesday, 21 October 2015 23:59:18 UTC+11, Cornelinux K  wrote: 
    >         >         
    >         >         
    >         >         Hi, 
    >         >         
    >         >         
    >         >         The user can not be found in the
    resolver. 
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         How does the request look like? 
    >         >         Is the realm the default realm. 
    >         >         how does the DN of the user look like? 
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         You might have specified the wrong realm
    (see 
    >         default realm) 
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         Kind regards 
    >         >         Cornelius 
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         Cornelius Kölbel 
    >         >         Corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel,
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561
    3166798 
    >         >         
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         >         -------- Ursprüngliche Nachricht -------- 
    >         >         Von: Tony Hawker <lil...@gmail.com> 
    >         >         Datum: 21.10.2015 13:14 (GMT+01:00) 
    >         >         An: privacyidea
    <priva...@googlegroups.com> 
    >         >         Betreff: Re: Re: 'privacyIDEA request
    failed: 500 
    >         INTERNAL 
    >         >         SERVER ERROR' - FreeRadius 
    >         >         
    >         >         Hi Cornelius 
    >         >         Thanks for your response 
    >         >         I am running PIP installation on Centos 7 
    >         >         I am running latest version of Privacy
    idea (2.7), 
    >         updated as 
    >         >         per instructions on howtoforge 
    >         >         the user is coming from Active Directory 
    >         >         UID is DN 
    >         >         there are no special characters anywhere
    in the AD 
    >         config 
    >         >         
    >         >         
    >         >         testing using the URL you provided I get
    the message 
    >         below 
    >         >         when attempting to use an AD user 
    >         >         "version": "privacyIDEA 2.7", "result":
    {"status": 
    >         false, "error": {"message": "ERR905: The user can
    not be found 
    >         in any resolver in this realm!", "code": -500}},
    "time": 
    >         1445425459.788956, "id": 1} 
    >         >         
    >         >         but if i use the root user (from the
    privacyidea 
    >         server) this returns: 
    >         >         {"message": "wrong otp pin"},
    "versionnumber": 
    >         "2.7", "version": "privacyIDEA 2.7", "result":
    {"status": 
    >         true, "value": false}, "time": 1445425581.107504,
    "id": 1} 
    >         >         I assume the OTP token is out of sync, but
    looks 
    >         much more promising 
    >         >         
    >         >         any idea on why the AD would not work via
    this 
    >         method? as i can see all the users in the webui etc 
    >         >         
    >         >         Cheers 
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         
    >         >         On Wednesday, 21 October 2015 21:01:47 UTC +11,  Cornelinux K  wrote: 
    >         >                 Hi Tony, 
    >         >                 
    >         >                 
    >         >                 Are you running a pip installation
    or debian 
    >         wheezy? 
    >         >                 
    >         >                 
    >         >                 Which version of privacyidea are
    you 
    >         running? 
    >         >                 
    >         >                 
    >         >                 In certain cases there were
    problems with 
    >         the ldap 
    >         >                 resolver, if the DN contains
    special 
    >         characters and is 
    >         >                 base54 encoded. 
    >         >                 
    >         >                 
    >         >                 Is it openldap or AD? 
    >         >                 
    >         >                 
    >         >                 The Uid type: is it DN or
    entryUUID? 
    >         >                 
    >         >                 
    >         >                 Kind regards 
    >         >                 Cornelius 
    >         >                 
    >         >                 
    >         >                 
    >         >                 
    >         >                 
    >         >                 
    >         >                 Cornelius Kölbel 
    >         >                 Corneliu...@netknights.it 
    >         >                 +49 151 2960 1417 
    >         >                 
    >         >                 
    >         >                 NetKnights GmbH 
    >         >                 http://netknights.it 
    >         >                 Landgraf-Karl-Str. 19, 34131
    Kassel, 
    >         Germany 
    >         >                 Tel: +49 561 3166797, Fax: +49 561
    3166798 
    >         >                 
    >         >                 
    >         >                 Amtsgericht Kassel, HRB 16405 
    >         >                 Geschäftsführer: Cornelius Kölbel 
    >         >                 
    >         >                 
    >         >                 -------- Ursprüngliche Nachricht
    -------- 
    >         >                 Von: Tony Hawker
    <lil...@gmail.com> 
    >         >                 Datum: 21.10.2015 08:59 (GMT
    +01:00) 
    >         >                 An: privacyidea
    <priva...@googlegroups.com> 
    >         >                 Betreff: Re: 'privacyIDEA request
    failed: 
    >         500 INTERNAL 
    >         >                 SERVER ERROR' - FreeRadius 
    >         >                 
    >         >                 Hi 
    >         >                 thanks for your quick response to
    my issue 
    >         >                 I have been watching the
    privacyidea.log but 
    >         no 
    >         >                 entries are made when a connection
    attempt 
    >         is made via 
    >         >                 the radius, which leads me to
    think that the 
    >         radius is 
    >         >                 not able to see the privacyidea
    API? 
    >         >                 I can access the URI in my
    browser, so i can 
    >         see that 
    >         >                 is up 
    >         >                 
    >         >                 
    >         >                 I see this in the privacyidea.log
    when i 
    >         reboot 
    >         >                 
    >         >                 
    >         >                 [2015-10-21 
    >         > 
    >
    15:41:28,041][1924][139636199069440][ERROR][privacyidea.lib.resolvers.LDAPIdResolver:333] 'Traceback (most recent call last):\n  File "/opt/privacyIDEA/lib/python2.7/site-packages/privacyidea/lib/resolvers/         LDAPIdResolver.py", line 328, in getUserList\n    user = self._ldap_attributes_to_user_object(attributes)\n  File "/opt/privacyIDEA/lib/python2.7/site-packages/privacyidea/lib/resolvers/LDAPIdResolver.py", line 246, in          _ldap_attributes_to_user_object\n    for ldap_k, ldap_v in attributes.items():\nAttributeError: \'NoneType\' object has no attribute \'items\'\n' 
    >         >                 
    >         >                 
    >         >                 Cheers 
    >         >                 
    >         >                 
    >         >                 
    >         >                 
    >         >                 
    >         >                 
    >         >                 
    >         >                 
    >         >                 On Wednesday, 21 October 2015 17:14:34 UTC  +11,  Cornelinux K wrote: 
    >         >                         Hi Tony, 
    >         >                         
    >         >                         please do the following: 
    >         >                         
    >         >                         1. Take a look into the
    audit log 
    >         >                         
    >         >                         Within the webui take a
    look, what 
    >         you can see 
    >         >                         in the request in the 
    >         >                         AUdit Tab. The right most
    tab. 
    >         >                         
    >         >                         I assume, the user does
    not exist. 
    >         >                         
    >         >                         The audit gives you a top
    level view 
    >         of what 
    >         >                         is happening in 
    >         >                         privacyidea. 
    >         >                         
    >         >                         2. Take a look into the
    log file 
    >         >                         privacyidea.log. 
    >         >                         This gives you a detailed
    view, of 
    >         what is 
    >         >                         happening. 
    >         >                         
    >         >                         Kind regards 
    >         >                         Cornelius 
    >         >                         
    >         >                         Am Dienstag, den
    20.10.2015, 17:56 
    >         -0700 
    >         >                         schrieb Tony Hawker: 
    >         >                         > Hi 
    >         >                         > I have followed the
    guide on 
    >         setting up 
    >         >                         Privactidea on Centos 7
    here: 
    >         >                         > 
    >         > 
    >
    https://www.privacyidea.org/two-factor-authentication-with-otp-on-centos-7/ 
    >         >                         > 
    >         >                         > 
    >         >                         > 
    >         >                         > I can access the webui,
    register 
    >         tokens, 
    >         >                         linked to active
    directory 
    >         >                         > etc, all tested ok 
    >         >                         > 
    >         >                         > 
    >         >                         > I am having issues with
    the radius 
    >         plugin, 
    >         >                         when I attempt to make
    any 
    >         >                         > connection to the
    radius, either 
    >         using the 
    >         >                         test functions described
    in 
    >         >                         > the link above, or from
    an 
    >         external 
    >         >                         connection, I am seeing
    the errors 
    >         >                         > below: 
    >         >                         > 
    >         >                         > 
    >         >                         > ]# echo
    "User-Name=user, 
    >         >                         User-Password=password" |
    radclient 
    >         -sx 
    >         >                         > localhost auth
    testing123 
    >         >                         > 
    >         >                         > 
    >         >                         > Sending Access-Request
    Id 91 from 
    >         >                         0.0.0.0:34321 to
    127.0.0.1:1812 
    >         >                         > 
    >         >                         >         User-Name =
    'user' 
    >         >                         >         User-Password = 
    >         'password' 
    >         >                         > Received Access-Reject
    Id 91 from 
    >         >                         127.0.0.1:1812 to
    127.0.0.1:34321 
    >         >                         > length 75 
    >         >                         >         Reply-Message = 
    >         'privacyIDEA request 
    >         >                         failed: 500 INTERNAL 
    >         >                         > SERVER ERROR' 
    >         >                         > (0) -: Expected
    Access-Accept got 
    >         >                         Access-Reject 
    >         >                         > Packet summary: 
    >         >                         >         Accepted      :
    0 
    >         >                         >         Rejected      :
    1 
    >         >                         >         Lost          :
    0 
    >         >                         >         Passed filter :
    0 
    >         >                         >         Failed filter :
    1 
    >         >                         > 
    >         >                         > 
    >         >                         > and on the radius server
    I see 
    >         this: 
    >         >                         > 
    >         >                         > 
    >         >                         > Received Access-Request
    Id 111 
    >         from 
    >         >                         127.0.0.1:35488 to
    127.0.0.1:1812 
    >         >                         > length 44 
    >         >                         >         User-Name =
    'user' 
    >         >                         >         User-Password = 
    >         'password' 
    >         >                         > (0) Received
    Access-Request packet 
    >         from host 
    >         >                         127.0.0.1 port 35488, 
    >         >                         > id=111, length=44 
    >         >                         > (0)     User-Name =
    'user' 
    >         >                         > (0)     User-Password = 
    >         'password' 
    >         >                         > (0) # Executing section
    authorize 
    >         from 
    >         >                         > 
    >         file /etc/raddb/sites-enabled/privacyidea 
    >         >                         > (0)   authorize { 
    >         >                         > (0)   [preprocess] = ok 
    >         >                         > (0)   [digest] = noop 
    >         >                         > (0)  suffix : Checking
    for suffix 
    >         after "@" 
    >         >                         > (0)  suffix : No '@' in
    User-Name 
    >         = "user", 
    >         >                         looking up realm NULL 
    >         >                         > (0)  suffix : No such
    realm 
    >         "NULL" 
    >         >                         > (0)   [suffix] = noop 
    >         >                         > (0)  ntdomain : Checking
    for 
    >         prefix before 
    >         >                         "\" 
    >         >                         > (0)  ntdomain : No '\'
    in 
    >         User-Name = 
    >         >                         "user", looking up realm
    NULL 
    >         >                         > (0)  ntdomain : No such
    realm 
    >         "NULL" 
    >         >                         > (0)   [ntdomain] = noop 
    >         >                         > (0)   [files] = noop 
    >         >                         > (0)   [expiration] =
    noop 
    >         >                         > (0)   [logintime] =
    noop 
    >         >                         > (0)  WARNING: pap : No
    "known 
    >         good" password 
    >         >                         found for the user.  Not 
    >         >                         > setting Auth-Type 
    >         >                         > (0)  WARNING: pap :
    Authentication 
    >         will fail 
    >         >                         unless a "known good" 
    >         >                         > password is available 
    >         >                         > (0)   [pap] = noop 
    >         >                         > (0)   update control { 
    >         >                         > (0)     Auth-Type :=
    Perl 
    >         >                         > (0)   } # update control
    = noop 
    >         >                         > (0)  } #  authorize =
    ok 
    >         >                         > (0) Found Auth-Type =
    Perl 
    >         >                         > (0) # Executing group
    from 
    >         > 
    >         file /etc/raddb/sites-enabled/privacyidea 
    >         >                         > (0)  Auth-Type Perl { 
    >         >                         > (0)   perl : 
    >         $RAD_REQUEST{'User-Name'} = 
    >         >                         &request:User-Name ->
    'user' 
    >         >                         > (0)   perl : 
    >         $RAD_REQUEST{'User-Password'} = 
    >         >                         &request:User-Password -> 
    >         >                         > 'password' 
    >         >                         > (0)   perl : 
    >         $RAD_REQUEST{'NAS-IP-Address'} 
    >         >                         = &request:NAS-IP-Address 
    >         >                         > -> '127.0.0.1' 
    >         >                         > (0)   perl : 
    >         $RAD_REQUEST{'Event-Timestamp'} 
    >         >                         = 
    >         >                         > &request:Event-Timestamp
    -> 'Oct 
    >         21 2015 
    >         >                         11:50:57 AEDT' 
    >         >                         > (0)   perl : 
    >         $RAD_CHECK{'Auth-Type'} = 
    >         >                         &control:Auth-Type ->
    'Perl' 
    >         >                         > (0)   perl : 
    >         $RAD_CONFIG{'Auth-Type'} = 
    >         >                         &control:Auth-Type ->
    'Perl' 
    >         >                         > rlm_perl: Config 
    >         >
    File /etc/freeradius/rlm_perl.ini 
    >         found! 
    >         >                         > rlm_perl: Default URL 
    >         >
    https://127.0.0.1/validate/check 
    >         >                         > rlm_perl: Looking for
    config for 
    >         auth-type 
    >         >                         Perl 
    >         >                         > rlm_perl: Auth-Type:
    Perl 
    >         >                         > rlm_perl: url: 
    >         >
    https://127.0.0.1/validate/check 
    >         >                         > rlm_perl: user sent to 
    >         privacyidea: user 
    >         >                         > rlm_perl: realm sent to 
    >         privacyidea: 
    >         >                         > rlm_perl: resolver sent
    to 
    >         privacyidea: 
    >         >                         > rlm_perl: client sent
    to 
    >         privacyidea: 
    >         >                         127.0.0.1 
    >         >                         > rlm_perl: state sent to 
    >         privacyidea: 
    >         >                         > rlm_perl: urlparam
    client 
    >         >                         > rlm_perl: urlparam pass 
    >         >                         > rlm_perl: urlparam user 
    >         >                         > rlm_perl: Not verifying
    SSL 
    >         certificate! 
    >         >                         > rlm_perl: privacyIDEA
    request 
    >         failed: 500 
    >         >                         INTERNAL SERVER ERROR 
    >         >                         > rlm_perl: return
    RLM_MODULE_FAIL 
    >         >                         > (0)  perl :
    &request:User-Name = 
    >         >                         $RAD_REQUEST{'User-Name'}
    -> 'user' 
    >         >                         > (0)  perl : 
    >         &request:Event-Timestamp = 
    >         >
    $RAD_REQUEST{'Event-Timestamp'} 
    >         >                         > -> 'Oct 21 2015 11:50:57
    AEDT' 
    >         >                         > (0)  perl :
    &request:User-Password 
    >         = 
    >         >
    $RAD_REQUEST{'User-Password'} -> 
    >         >                         > 'password' 
    >         >                         > (0)  perl : 
    >         &request:NAS-IP-Address = 
    >         >
    $RAD_REQUEST{'NAS-IP-Address'} 
    >         >                         > -> '127.0.0.1' 
    >         >                         > (0)  perl :
    &reply:Reply-Message 
    >         = 
    >         >
    $RAD_REPLY{'Reply-Message'} -> 
    >         >                         > 'privacyIDEA request
    failed: 500 
    >         INTERNAL 
    >         >                         SERVER ERROR' 
    >         >                         > (0)  perl :
    &control:Auth-Type = 
    >         >                         $RAD_CHECK{'Auth-Type'} ->
    'Perl' 
    >         >                         > (0)   [perl] = fail 
    >         >                         > (0)  } # Auth-Type Perl
    = fail 
    >         >                         > (0) Failed to
    authenticate the 
    >         user 
    >         >                         > (0) Using Post-Auth-Type
    Reject 
    >         >                         > (0) Delaying response
    for 1 
    >         seconds 
    >         >                         > Waking up in 0.9
    seconds. 
    >         >                         > (0) Sending delayed
    response 
    >         >                         > (0) Sending
    Access-Reject packet 
    >         to host 
    >         >                         127.0.0.1 port 35488,
    id=111, 
    >         >                         > length=0 
    >         >                         > (0)     Reply-Message = 
    >         'privacyIDEA request 
    >         >                         failed: 500 INTERNAL 
    >         >                         > SERVER ERROR' 
    >         >                         > Sending Access-Reject Id
    111 from 
    >         >                         127.0.0.1:1812 to
    127.0.0.1:35488 
    >         >                         >         Reply-Message = 
    >         'privacyIDEA request 
    >         >                         failed: 500 INTERNAL 
    >         >                         > SERVER ERROR' 
    >         >                         > Waking up in 3.9
    seconds. 
    >         >                         > (0) Cleaning up request
    packet ID 
    >         111 with 
    >         >                         timestamp +7 
    >         >                         > 
    >         >                         > 
    >         >                         > 
    >         >                         > 
    >         >                         > I don't think this is
    just an 
    >         issue with the 
    >         >                         user / password, but if 
    >         >                         > anyone can point me in
    the right 
    >         direction 
    >         >                         in what I may have done 
    >         >                         > wrong with either the
    radius or 
    >         privacy idea 
    >         >                         install? 
    >         >                         > 
    >         >                         > 
    >         >                         > Cheers 
    >         >                         > 
    >         >                         > 
    >         >                         > 
    >         >                         > 
    >         >                         > 
    >         >                         > 
    >         >                         > 
    >         >                         > 
    >         >                         > 
    >         >                         > 
    >         >                         > -- 
    >         >                         > You received this
    message because 
    >         you are 
    >         >                         subscribed to the Google 
    >         >                         > Groups "privacyidea"
    group. 
    >         >                         > To unsubscribe from this
    group and 
    >         stop 
    >         >                         receiving emails from it,
    send 
    >         >                         > an email to 
    >         >
    privacyidea...@googlegroups.com. 
    >         >                         > To post to this group,
    send email 
    >         to 
    >         >
    priva...@googlegroups.com. 
    >         >                         > To view this discussion
    on the web 
    >         visit 
    >         >                         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/96a156c2-b64d-417d-811a-e152d27c8fd2%40googlegroups.com. 
    >         >                         > For more options, visit 
    >         >
    https://groups.google.com/d/optout. 
    >         >                         
    >         >                         -- 
    >         >                         Cornelius Kölbel 
    >         >                         corneliu...@netknights.it 
    >         >                         +49 151 2960 1417 
    >        ...

You received this message because you are subscribed to the Google Groups “privacyidea” group.

To unsubscribe from this group and stop receiving emails from it, send an email to privacyidea+unsubscribe@googlegroups.com.

To post to this group, send email to privacyidea@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/privacyidea/732bd79c-6351-4941-81a3-3a55b0f1078d%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.