service-type passed in response
Pshem Kowalczyk
pshem.k at gmail.com
Thu Aug 7 02:38:56 CEST 2008
Hi,
test User-Password == "xxxx"
Service-Type := Administrative-User,
cisco-avpair += "shell:priv-lvl=15"
operator changed from = to :=
man 5 users
Attribute = Value
Not allowed as a check item for RADIUS protocol
attributes. It is allowed for server configuration
attributes (Auth-Type, etc), and sets the value of on
attribute, only if there is no other item of the
same attribute.
As a reply item, it means "add the item to the reply list,
but only if there is no other item of the same
attribute."
Attribute := Value
Always matches as a check item, and replaces in the
configuration items any attribute of the same name.
If no attribute of that name appears in the request, then
this attribute is added.
As a reply item, it has an identical meaning, but for the
reply items, instead of the request items.
kind regards
Pshem
2008/8/7 Josh Yost <josh.yost at cdw.com>:
> I am having a problem configuring management users for Cisco WLC. Here's my
> basic users file:
>
>
> DEFAULT Service-Type = NAS-Prompt-User,
> cisco-avpair += "shell:priv-lvl=2",
> Fall-Through = 1
>
>
>
> test User-Password == "xxxx"
> Service-Type = Administrative-User,
> cisco-avpair += "shell:priv-lvl=15"
>
>
> The problem I am having is that when user "test" logs in, the access-accept
> packet passes the DEFAULT Service-Type Value (along with all other
> attributes in DEFAULT). I only want the default Service-Type value to be
> passed if I don't otherwise have one assigned in the individual users'
> entries. Any Assistance here would be much appreciated!
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list