Problem returning attributes to Bluesocket
Alan DeKok
aland at ox.org
Thu Feb 23 19:29:48 CET 2006
"David L Wolford" <dwolford at uab.edu> wrote:
> A sniffer trace of the attempted authentication reveals that the
> Freeradius does request the attributes that I am interested in
> (x121address and edupersonprimaryaffiliation) and does receive the
> values back from LDAP. My problem is that these values are not then
> passed on to the Bluesocket gateway. What am I missing?
Those attributes are defined in LDAP, but not in RADIUS. Therefore,
they can't go into a RADIUS packet.
> Portion of ldap.attrmap follows:
>
> checkItem radiusx121address x121address
> checkItem edupersonprimaryaffiliation
> edupersonprimaryaffiliation
The last column should be RADIUS attributes, as defined in a
dictionary file. If you didn't define those attributes in a
dictionary, then they will never go into a packet.
In addition, if the Bluesocket gateway doesn't mention those
attributes in it's documentation, then it won't understand them in a
RADIUS packet.
Please read the bluesocket docs to see what RADIUS attributes it
understands. Then, see if those attributes are in the FreeRADIUS
dictionaries. If they're not, add them. Then, make FreeRADIUS send
those attributes.
See "man dictionary" for additional details.
Alan DeKok.
More information about the Freeradius-Users
mailing list