<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="monospace">Hi Alan,<br>
<br>
Thank you for your reply. Please see my comments inline as well.<br>
<br>
And thank you for your continued patience!</font><br>
<br>
<br>
<div class="moz-cite-prefix">On 07/07/2014 09:10 AM, Alan DeKok
wrote:<br>
</div>
<blockquote cite="mid:53BAC681.40900@deployingradius.com"
type="cite">
<pre wrap="">Tony DeMatteis wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I am setting up/migrating to a new Radius server. My current server is
using flat files (users/clients). Not a huge deployment, but now have
designs to scale larger. I've run into a problem with one reply
attribute I can't seem to identify the problem. I've searched the
documentation (and Googled), and while probably in from of my eyes, I
can't seem to find the cause/solution. The same reply attributes work
fine in my current/production server, but fail (and only when trying to
include the "DragonWave-Privilege-Level" reply attribute).
</pre>
</blockquote>
<pre wrap="">
The dragonwave dictionary isn't on the new server. Add it to the new
server, and it will work.
</pre>
</blockquote>
<font face="monospace">As you pointed out, the dragonwave dictionary
is not included as one of the dictionaries in a default
installation. So I added the needed dictionary to the
/usr/share/freeradius directory (new server).<br>
</font>
<blockquote cite="mid:53BAC681.40900@deployingradius.com"
type="cite">
<pre wrap="">
</pre>
<blockquote type="cite">
<pre wrap=""> Now one
note, in my production server in my user stanza I use the "=" operator
for each of the reply attributes. However, in my new server, when using
the "=" as the operator in the reply attribute I was receiving only one
attribute upon authentication. I then thought I understood from the
documentation that I needed to use "+=" in my reply attributes.
</pre>
</blockquote>
<pre wrap="">
Yes, += is what you want to use.
</pre>
<blockquote type="cite">
<pre wrap=""> After
making that change, all the group attributes were returned. One
difference may be that I am specifying the "group" attributes under each
"user" (current/production) vs in a "group" which is referenced (new
server)?
</pre>
</blockquote>
<pre wrap="">
I don't know what that means.
The functionality of the "users" file is documented. See "man users",
and the comments at the start of the default file.</pre>
</blockquote>
<font face="monospace">Forgive my ignorance, I will review the man
users file. What I meant was that, as I learn more, I don't
believe by adding specific attributes to a single user in the user
file (old server) that I was effecting a groupreply. On the new
server I am specifically defining the reply attributes I want
returned and adding a profile (group) to the user. So I noted
that, not expecting there to be any difference in the operator of
the reply attr but, not being absolutely sure.</font><br>
<blockquote cite="mid:53BAC681.40900@deployingradius.com"
type="cite">
<pre wrap="">
</pre>
<blockquote type="cite">
<pre wrap=""># /usr/share/freeradius/dictionary.dragonwave</pre>
</blockquote>
</blockquote>
<font face="monospace">This is the path of the dictionary on the New
Server</font><br>
<blockquote cite="mid:53BAC681.40900@deployingradius.com"
type="cite">
<blockquote type="cite">
<pre wrap="">
</pre>
</blockquote>
<pre wrap="">
Which is on the old server, and isn't on the new one.
I've added it to the default release, so it will be there. At least
for vendors who ship recent versions of the server instead of 2.1.12.</pre>
</blockquote>
<font face="monospace">Thank you very much =)</font><br>
<blockquote cite="mid:53BAC681.40900@deployingradius.com"
type="cite">
<pre wrap="">
Alan DeKok.
-
List info/subscribe/unsubscribe? See <a class="moz-txt-link-freetext" href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a>
</pre>
</blockquote>
<br>
</body>
</html>