Regards,
Amr el-Saeed
Senior Systems Engineer
94 Tahrir St., Maghraby Plaza,
Dokki, Giza 12311, Egypt
T: +20 (2) 33 32 0700 | Ext: 1107
F: +20 (2) 33 32 0800 |
E: amr.elsa...@tedata.net
www.tedata.net
Alan DeKok wrote:
Amr el-Saeed wrote:
I am using freeradius 1.1.7
Ugh. Upgrade.
I will
i want to check an attribute come in the Access request ,named
Cisco-AVPair , i could do this successfully using chkval
i put Cisco-AVPair as a generic check item in the LDAP and is working fine.
the problem is that this is the coming request attributes
Cisco-AVPair = "client-mac-address=000000000000"
Cisco-AVPair = "circuit-id-tag= 1/1/06/09:0.35"
So, the radius always apply the comparison with the first Cisco-AVPair
which is Cisco-AVPair = "client-mac-address=000000000000"
if it is correct returns OK and if not returns reject regardless the
second one
Actually i don't to do a comparison against the first one, my target is
the second but the router sends both in that order .
How can i match both attributes even if they have the same name ??
If you're doing checkval in ldap... you can't.
that is my conf
compare_check_items = no
checkval checkCiscoAVPair {
item-name = Cisco-AVPair
check-name = Cisco-AVPair
data-type = string
#notfound-reject = yes
}
in LDAP
radiusCheckItem: Cisco-AVPair =~ "client-mac-address="
radiusCheckItem: Cisco-AVPair == "circuit-id-tag=DOKKI-D15I-GZ-EG atm
1/1/06/0
is there any way to do it ? does last version 2.1.6 checks all the
attributes ?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
|
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
