Hello all,
In 802.1x configuration, I need to use Vlan assignment on Enterasys switch
from Freeradius server, and Enterasys doesn't accept standarts attributes
like Tunnel-type etc...
Then I have to use Filter-Id attribute in users file:
Filter-ID = Enterasys:Version=1:policy=nameofpolicy
[EMAIL PROTECTED] wrote:
> Then I have to use Filter-Id attribute in users file:
>
> Filter-ID = Enterasys:Version=1:policy=nameofpolicy
>
> Have I a VALUE to add in a dictionnary file for ATTRIBUTE Filter-Id ??
No. Read the dictionaries. It's a string attribute.
to different
users. Depending upon the Filter-ID attribute value returned by FreeRadius,
Enterasys switch decides what role can be assigned to the user. In my
understanding I know there is the way to achieve this goal if we have
Ldap-Group so that we can use as:
DEFAULT Ldap-Group == "
On 18/01/12 14:55, suggestme IT wrote:
DEFAULT Ldap-Group == "Staff"
Filter-ID := "Enterasys:version=1:policy=staff",
Fall-Through = No
But, How to do same like this for the users in Active Directory; How to
return the Filter-ID attribute value if there is no group
attribute value
that is created from Active Directory back to NAS again.
Thanks,
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/How-to-return-Filter-ID-attribute-value-for-the-users-in-Active-Directory-tp5155068p5155212.html
Sent from the FreeRadius - User mailing list a
On 18/01/12 16:04, suggestme wrote:
There are different users under Staff, Administrators, Retirees, etc in
active directory as:
OU=Staff OU=Administrators
OU=Retirees
CN=users CN=users
CN=users
Ok, so you want t
quot;test"
User-Password = "hello"
NAS-IP-Address = IP Address
NAS-Port = 0
Message-Authenticator = 0x
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=225,
length=49
Filter-Id = "Enterasys:versi
suggestme wrote:
> I tried to return the value of Filter-ID as:
>
> authorize {
>...
>ldap
>
> if (distinguishedName =~ /^[^,]+,OU=([^,]+),/) {
What's "distinguishedName" ?
It's not a RADIUS attribute. Read "man unlang", which explains how
the attributes && variables work.
e in context:
http://freeradius.1045715.n5.nabble.com/How-to-return-Filter-ID-attribute-value-for-the-users-in-Active-Directory-tp5155068p5158770.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
suggestme wrote:
> Still trying to become more familiar with attributes and learning.
> In my understanding there are different attributes list as :request, reply,
> control, proxy-request, proxy-reply, outer.request, outer.reply, etc.
As I said before, see "man unlang". This is documented in
e
10 matches
Mail list logo