LDAP and checking for Mac address.

Neil Marjoram n.marjoram at adastral.ucl.ac.uk
Tue Jun 17 16:19:41 CEST 2008

I have just installed 2.05 and have successfully linked to my ldap 
server. I would like to build in MAC address checking on top of the user 
name / password auth.

I read some docs and concluded that I could change  access_attr =  to 
use radiusCallingStationId. I set the value of this in LDAP to that 
which I could see in the debug output; Calling-Station-Id = 
"0019E3021FD8". The user happily logged in, however  when I changed the 
value he could still log in! Now I am guessing that this attribute is 
only checked for presence within the user profile rather than checking 
if they match.

Is there a way of getting Radius to check that the Calling-Station-Id 
matches radiusCallingStationId before access is allowed? I have read the 
ldap docs and not been able to find what I am looking for.

Many thanks,

Neil Marjoram
Systems Manager
Adastral Park Campus
University College London
Ross Building
Adastral Park
Martlesham Heath
Ipswich - Suffolk

Tel: 01473 663711
Fax: 01473 635199

Reclaim Your Inbox!

More information about the Freeradius-Users mailing list