MACAddress silent authentication in LDAP using freeradius2.0.2
Ivan Kalik
tnt at kalik.net
Thu Mar 20 18:13:44 CET 2008
PS. Sorry, got mixed up. radiusGroupName for group membership.
Ivan Kalik
Kalik Informatika ISP
Dana 20/3/2008, "Eric Martell" <workoutexcite at yahoo.com> piše:
>Hi Ivan,
> Bit confusing..do you want me to create entries in
>ldap as,
>
>deviceid = 111
>macaddress = 001122334455
>username = 001122334455
>radiusAuthType = Accept
>devicename = Personal PC.
>
>deviceid = 222
>macaddress = 001199887766
>username = 001199887766
>radiusAuthType = Accept
>devicename = SIP Phone.
>
>If yes, what additional changes I have to do in
>freeradius and how I can return devicename along the
>freeradius reply?
>
>Please reply.
>Thanks and Regards.
>
>--- Ivan Kalik <tnt at kalik.net> wrote:
>
>> No file. These are ldap entries which you need to
>> make. You have entries
>> as devices - now make entries as users.
>>
>> Ivan Kalik
>> Kalik Informatika ISP
>>
>>
>> Dana 20/3/2008, "Eric Martell"
>> <workoutexcite at yahoo.com> piše:
>>
>> >Hi Ivan,
>> > Thanks for the response. I am newbie for
>> freeradius.
>> >Not sure which file I should configure this? I have
>> >ldap module configured in radiusd.conf.
>> >
>> >Can you please be more specific? I will really
>> >appreciate that.
>> >
>> >Thanks and Regards.
>> >
>> >
>> >
>> >--- Ivan Kalik <tnt at kalik.net> wrote:
>> >
>> >> In mac authentication mac address is used as
>> >> username. So you will have
>> >> to create entries that have (only) username equal
>> to
>> >> mac address and
>> >> radiusAuthType Accept.
>> >>
>> >> Ivan Kalik
>> >> Kalik Informatika ISP
>> >>
>> >>
>> >> Dana 19/3/2008, "Eric Martell"
>> >> <workoutexcite at yahoo.com> piše:
>> >>
>> >> >Please let me know if this topic is already
>> >> discussed
>> >> >or has doc/wiki. If yes please guide me to the
>> >> right
>> >> >thread. Thanks.
>> >> >
>> >> >We are going to use MACaddress as silent
>> >> >authentication. When the users tries to connect
>> to
>> >> the
>> >> >WIFI Access point, Aptilo Networks is going to
>> send
>> >> >MacAddress as User-Name attribute of freeradius.
>> >> >User-Password attribute will be empty.
>> >> >
>> >> >We are storing MAC Addresses in the LDAP under
>> the
>> >> >device tree thru user interface tools. The LDAP
>> >> tree
>> >> >is as,
>> >> >
>> >> >deviceid = 111
>> >> >macaddress = 001122334455
>> >> >devicename = Personal PC.
>> >> >
>> >> >deviceid = 222
>> >> >macaddress = 001199887766
>> >> >devicename = SIP Phone.
>> >> >
>> >> >How do I configure ldap module in the freeradius
>> so
>> >> >that it checks if the MACaddress exists in LDAP
>> and
>> >> >returns Access-Accept or Access-Reject along
>> with
>> >> >reply of devicename.
>> >> >
>> >> >Not sure how do I handle this in authorization
>> or
>> >> >authentication or post-auth? There are NO
>> >> passwords.
>> >> >
>> >> >I am using freeradius-2.0.2. Is there a way I
>> can
>> >> use
>> >> >"unlang" ?
>> >> >
>> >> >Thanks and Regards.
>> >> >
>> >> >
>> >> >
>> >> >
>> >>
>>
>>____________________________________________________________________________________
>> >> >Be a better friend, newshound, and
>> >> >know-it-all with Yahoo! Mobile. Try it now.
>> >>
>>
>>http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
>> >> >-
>> >> >List info/subscribe/unsubscribe? See
>> >> http://www.freeradius.org/list/users.html
>> >> >
>> >> >
>> >>
>> >> -
>> >> List info/subscribe/unsubscribe? See
>> >> http://www.freeradius.org/list/users.html
>> >>
>> >
>> >
>> >
>> >
>>
>____________________________________________________________________________________
>> >Be a better friend, newshound, and
>> >know-it-all with Yahoo! Mobile. Try it now.
>>
>http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
>> >-
>> >List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>> >
>> >
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
>
>
> ____________________________________________________________________________________
>Be a better friend, newshound, and
>know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list