Hi, I have put together a small python script using some VB code I found on a website. This is the conversion function:
def msRADIUSFramedIPAddress_to_IPString(msRADIUSFramedIPAddress): # Some code a took from: # http://www.wisesoft.co.uk/scripts/vbscript_read_msradiusframedipaddress_attribute_.aspx FOURTH_OCTET = 1 THIRD_OCTET = 256 SECOND_OCTET = 65536 FIRST_OCTET = 16777216 msRADval = msRADIUSFramedIPAddress intFirstMod = 0 intSecondMod = 0 intThirdMod = 0 strIPList = [] # Microsoft subtracts 4294967296 from numbers above 2147483647 to # make them negative to make it, sort of, unsigned. if(int(msRADval) < 0): msRADval = int(msRADval) + 4294967296 strIPList.append(str(int(msRADval) // FIRST_OCTET)) intFirstMod = int(msRADval) % FIRST_OCTET strIPList.append(str(intFirstMod // SECOND_OCTET)) intSecondMod = intFirstMod % SECOND_OCTET strIPList.append(str(intSecondMod // THIRD_OCTET)) intThirdMod = intSecondMod % THIRD_OCTET strIPList.append(str(intThirdMod // FOURTH_OCTET)) return '.'.join(strIPList) I hope someone can make use of it. Kær kveðja / Best regards Júlíus Þór Bess Ríkharðsson Netsérfræðingur / Network Administrator Nýherji Hf. Borgartún 37 - 105 Reykjavík Simi/Telephone: +354 516 1000 Email: julius.b...@nyherji.is Helpdesk: +354 516 1600 Netsíða: http://www.nyherji.is -----freeradius-users-bounces+julius.bess=nyherji...@lists.freeradius.org wrote: ----- To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> From: Alan DeKok Sent by: freeradius-users-bounces+julius.bess=nyherji...@lists.freeradius.org Date: 06/11/2013 04:02PM Subject: Re: msRADIUSFramedIPAddress AD attribute Júlíus Þór Bess Ríkharðsson wrote: > Thanks for a truly great RADIUS server! It's what we do. :) > I was wondering whether you guys have a way of dealing with Microsoft's > strange representation of an IP address, in the msRADIUSFramedIPAddress > attribute, to get something useful like an actual ip address? :) That's a hard question. The msRADIUSFramedIPAddress is a binary 32-bit IP address. FreeRADIUS assumes that all of the data it gets from LDAP is printable strings. There's no simple way to handle this in v2. I'd suggest writing a short Perl script. This can be done in v3: - map the LDAP attribute to a RADIUS attribute of type "octets" update reply { Framed-IP-Address = &Attribute-of-type-Octets } And it will magically work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html