external script reply

Hegedus Gabor hegedus.gabor at euroway.hu
Wed Dec 17 20:39:02 CET 2008 

Hi, i  don't know why  but  dosen't work, i post here my config and debug:
-----------------------------------------------
when I try php-cli, my php file works fine:
root at ubuntu# ./getvlan.php Hege
Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = vlan20
----------------------------------------------

the exec modul:

exec {          // is this part important?
    wait = no
    input_pairs = request
    shell_escape = yes
    output = none
}

exec get-vlan{
    wait = yes
    program = "/usr/local/etc/raddb/scripts/getvlan.php %{mschap:User-Name}"
    input-pairs = request
    output-pairs = reply
    packet-type = Access-Accept
#    shell-escape = yes
}

my get-vlan "modul" is in the post-auth section
 
here is the debug:

+- entering group post-auth {...}
[get-vlan]     expand: %{mschap:User-Name} -> Hege
Exec-Program output: Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 
Tunnel-Private-Group-Id = vlan20
Exec-Program-Wait: plaintext: Tunnel-Type = VLAN Tunnel-Medium-Type = 
IEEE-802 Tunnel-Private-Group-Id = vlan20
Exec-Program: returned: 0
++[get-vlan] returns ok
} # server inner-tunnel
[peap] Got tunneled reply code 2
    EAP-Message = 0x03090004
    Message-Authenticator = 0x00000000000000000000000000000000
    User-Name = "TEST\\Hege"
[peap] Got tunneled reply RADIUS code 2
    EAP-Message = 0x03090004
    Message-Authenticator = 0x00000000000000000000000000000000
    User-Name = "TEST\\Hege"
[peap] Tunneled authentication was successful.
[peap] SUCCESS
[peap] Saving tunneled attributes for later

what is wrong?

thank you, Gabor

tnt at kalik.net írta:
>> I use external php script to get informations from the ldap.
>> exec getdata {
>>   program = .../sg.php %{User-Name}
>>   ..?..
>> }
>> post-auth {
>>   getdata
>> }
>>
>> in the php script I do an ldap query with the argument,
>> and take the important data (three word) into variables.
>>
>> How can I take this 3 data  back to the Tunnel-Type, Tunnel-Medium-type
>> and Tunnel-Private-Group-Id items of the freeRadius.
>>
>>     
>
> Print them out (echo). One per line.
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list