Cisco AV-PAIRS

Ivan Kalik tnt at kalik.net
Tue Feb 19 13:52:17 CET 2008


Password is a check item. It has nothing to do with what's in the reply
(av-pairs are reply items). Just remove the password and it will still
work the same. You *can* leave the check line blank in users file.

Ivan Kalik
Kalik Informatika ISP


Dana 19/2/2008, "David W Bell" <david at chaoscrypt.com> piše:

>Only way I have found to get RADIUS to pass the AV-PAIRS back is from 
>the users file.
>
>If I have missed something, please let me know
>
>David
>
>> And why do you have password in two locations? If you store it in Ldap
>> you don't need it in users file and vice versa.
>>
>> Ivan Kalik
>> Kalik Informatika ISP
>>
>>
>> Dana 19/2/2008, "David W Bell" <david at chaoscrypt.com> piše:
>>
>>   
>>> Hi there.
>>>
>>> My Saga continues....
>>>
>>> I have freeRADIUS working with openLDAP and can log into CISCO kit and
>>> pass the priv-level from the raddb/users file.
>>>
>>> Is there any way that this information can be passed from the openLDAP
>>> user details instead?
>>>
>>> I am looking to do a single-signon system and it seems a little awkward
>>> to have to change a password (as is required in the users file) in 2
>>> locations.
>>>
>>> Thanks
>>>
>>> David
>>> -
>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>>>
>>>
>>>     
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>>   
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>




More information about the Freeradius-Users mailing list