Question about processing multiple authorization sources

Will Saxon WillS at housing.ufl.edu
Thu Mar 16 17:25:37 CET 2006


Hello,

I am using FreeRADIUS 1.1.0 on FreeBSD 6.0 with Cisco Aironet 1200
WAPs. 

I need to be able to control which VLAN my users are assigned to, and it
seems like this is accomplished by setting three RADIUS user attributes
which control the assigned vlan after authentication. The problem is
that my authorization/authentication source is an LDAP server, which I
don't have any control over, that does not contain these attributes. 

Is it possible to have FreeRADIUS check a separate user database to
provide the additional attributes? It seems like I could write a script
to take the username, perform some database queries and return the
appropriate information, but beyond that I don't know how to go about
implementing such a solution. 

If it matters, I am currently using EAP-TTLS/PAP with SecureW2 and the
aforementioned LDAP server.

-Will

-- 
Will Saxon
Systems Programmer - Network Services
University of Florida Department of Housing



More information about the Freeradius-Users mailing list