Problem returning attributes to Bluesocket

Alan DeKok aland at
Thu Feb 23 19:29:48 CET 2006

"David L Wolford" <dwolford at> wrote:
> A sniffer trace of the attempted authentication reveals that the
> Freeradius does request the attributes that I am interested in
> (x121address and edupersonprimaryaffiliation) and does receive the
> values back from LDAP. My problem is that these values are not then
> passed on to the Bluesocket gateway. What am I missing?

  Those attributes are defined in LDAP, but not in RADIUS.  Therefore,
they can't go into a RADIUS packet.

> Portion of ldap.attrmap follows:
> checkItem	radiusx121address		x121address
> checkItem	edupersonprimaryaffiliation
> edupersonprimaryaffiliation

  The last column should be RADIUS attributes, as defined in a
dictionary file.  If you didn't define those attributes in a
dictionary, then they will never go into a packet.

  In addition, if the Bluesocket gateway doesn't mention those
attributes in it's documentation, then it won't understand them in a
RADIUS packet.

  Please read the bluesocket docs to see what RADIUS attributes it
understands.  Then, see if those attributes are in the FreeRADIUS
dictionaries.  If they're not, add them.  Then, make FreeRADIUS send
those attributes.

  See "man dictionary" for additional details.

  Alan DeKok.

More information about the Freeradius-Users mailing list