Vincent Arniego wrote: > I browsed the mailing list for possible solutions to the problem I have but > unfortunately I didn't find any (or something I missed I dunno) > > We have this Cisco ISG 7301 router that we are using that are passing the > Remote-ID av pair as its User-Name (just a copy not that it matters) > Now, the remote ID format is ascii in format but hexadecimal in meaning > 0000079d010100660000000000000000000050544e55544147303033000705000064 > > We would only want to authenticate the part after the 20 zeroes > "50544e55544147303033000705000064". By the way the length before this > substring is always fixed (18 bytes) so we only want the part after 18 bytes.
What does that mean? "we want to authenticate the part...". What kind of authentication? How? > is it possible to parse this string in perl then passing the result string to > ldap for authentication? Or will we use ldap inside rlm_perl? First, define what you want to do. Do you want to treat that string as a user id in LDAP, and do uid lookups based on it, or.... do you want to do something else? > Just to add, we also want to check the first 4 bytes (0000079d) if it is not > in this format, we'll treat the whole user-id as a whole. FreeRADIUS supports regular expressions, and can easily do that kind of check. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
