Reply attribute in access-accept while doing eap-mschapv2

free.aaa free.aaa at gmail.com
Mon Jun 2 15:17:24 CEST 2014


Any help how to do this with LDAP lookup?

I add radiusAttribute to the user with the value of "class=temp_class" 
and in the post-auth section inserted the following:
>          update reply {
>                     Class = 
> "%{ldap:ldap:///ou=accounts,ou=radius,dc=company,dc=org?radiusAttribute?sub?uid=%{User-Name}}"
>                 }

But as you can guess the result is that reply packet contains "Class = 
Class=temp_class".
How to correctly handle this?


23.05.2014 5:11, * ?????:
>
> This is my work around.
>
> Try this
> in post-auth
>
> update reply {
>
>                 Class = "%{sql:SELECT `value` FROM `radreply` WHERE 
> `username`='%{User-Name}' and `attribute`='Class';}"
>
>         }
>
> I tried enabling use_tunnled_reply=yes. But no reply is sent through 
> access accept.
>
> On 23/05/2014 2:10 AM, "free.aaa" <free.aaa at gmail.com 
> <mailto:free.aaa at gmail.com>> wrote:
>
>     Hi all!
>
>     It seems like a missed some basic concepts about eap in
>     freeradius. How to make freeradius return attribute for a specific
>     user?
>
>     I'm using freeradius-3.0.3.
>
>     I created user in mysql (radcheck) as usual:
>     test Cleartext-Password := test
>
>     And add to radreply table:
>     test Class = temp_class
>
>     And when I do eap-mschapv2 I did not receive Class attribute.
>
>     I need help to clarify this concept and advice how to include this
>     attribute in the reply.
>
>     PS: As one try I added to my default config in the post-auth
>     section the following:
>
>     update reply {
>            Class = "%{Class}"
>     }
>
>     and after that the Class attribute appeared in the access-accept
>     but it was empty.
>
>     Thanks in advance!
>     Best regards,
>     Alex
>
>     -
>     List info/subscribe/unsubscribe? See
>     http://www.freeradius.org/list/users.html
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140602/b948e927/attachment-0001.html>


More information about the Freeradius-Users mailing list