Re: Sending Cisco AV Pairs per realm
Look at the acct_users file, you can define what to do when receiving START, STOP and ALIVE packets. You can call external script if you like. All you need to do is echo correctly formated string and access server will receive it. If you want to put something additional to database, you can do that too. Also, another way is to use post_auth hook and run external script from there. If you are going to run external scripts, all needed data is inside ENV variable, including realm, username etc. All this is also stated in documentation. Igor - Original Message - From: Dan Goscomb [EMAIL PROTECTED] To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: 18 September, 2007 11:22 Subject: Re: Sending Cisco AV Pairs per realm Here is a short example that should work for you using the hints file: #hints DEFAULT User-Name =~ @dsl.realm Hint = DSL #/hints #users DEFAULT Hint == DSL Cisco-AVPair += ... #/users Thanks Kevin This looks great, however the caveat is that we're using MySQL and not the users file; I can't for the life of me work out how to get that data in to the tables! Any hints would be appreciated. Cheers Dan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html __ NOD32 2540 (20070919) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending Cisco AV Pairs per realm
Here is a short example that should work for you using the hints file: #hints DEFAULT User-Name =~ @dsl.realm Hint = DSL #/hints #users DEFAULT Hint == DSL Cisco-AVPair += ... #/users Thanks Kevin This looks great, however the caveat is that we're using MySQL and not the users file; I can't for the life of me work out how to get that data in to the tables! Any hints would be appreciated. Cheers Dan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending Cisco AV Pairs per realm
On Friday 14 September 2007 11:28:51 Dan Goscomb wrote: Hi I have a number of realms on my radius server (FreeRADIUS Version 1.1.6). All users are valid in both realms (one is for dialup, one for broadband). e.g. [EMAIL PROTECTED] [EMAIL PROTECTED] All realm's are stripped so that the user (dang in the examples above) is authenticated. However, on dial.realm I need to return a couple of Cisco-Avpair attributes; how can this be done? You may be able to use the Realm attribute in the users file to add your specific attributes, depending on how the realms are stripped from the username. You can also use the hints file, which you already tried. I have tried a hints file, however although I get the message on debug: hints: Matched DEFAULT at 17 The data specifies is not sent back in the RADIUS reply. That's because you cannot list reply attributes in the hints file, but you can add a Hint that can be checked in the users file. Here is a short example that should work for you using the hints file: #hints DEFAULT User-Name =~ @dsl.realm Hint = DSL #/hints #users DEFAULT Hint == DSL Cisco-AVPair += ... #/users Kevin Bonner signature.asc Description: This is a digitally signed message part. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html