Garbled class attribute?
Geoff Silver
geoff+freeradius at uslinux.net
Thu Aug 17 21:02:42 CEST 2006
I always hate replying to my own problem, but I just figured this out. Turns
out that we're proxying auth to a backend server, which was returning a
garbled Class attribute, therefore *my* Class attribute wasn't being returned.
I configured $confdir/attrs to filter it and it appears to work now.
Still need to test the proxy load patch this afternoon, but I'm one step
closer... ;-)
Alan DeKok wrote:
> Geoff Silver <geoff+freeradius at uslinux.net> wrote:
>> I have a bunch of users which should have a class attribute returned upon
>> successful authentication. Their entries look something like:
>>
>> bob NAS-IP-Address == 172.31.33.66, Hint==HasSlash Auth-Type:=Accept
>> Class = "OU=MY_CORP", Filter-Id = "SPCCOLO_O",
>> Split-Tunneling-Policy = 1, Split-Tunnel-List = "SPCCOLO_ST"
>>
>> What they're actually getting back is:
>>
>> Packet-Type = Access-Accept
>> User-Name = "bob"
>> Class = 0x3739774831423272375053516a71424143444358434979507544493d
>
> Which is '79...'
>
> It works for me, so my guess is that something else in your
> configuration is setting Class to that value.
>
> Alan DeKok.
> --
> http://deployingradius.com - The web site of the book
> http://deployingradius.com/blog/ - The blog
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list