Fallback LDAP Attribute Value
Steven Carr
steven.carr at sunderland.ac.uk
Wed Jul 8 16:00:19 CEST 2009
On 8/7/09 14:36, Ivan Kalik wrote:
> Well, reply attributes don't appear from nowhere - *you* configure them!
> List what you want to leave in the packet (lets say Service-Type) - rest
> will be deleted.
That is the issue, I do not know what attributes we do want, only what
we don't want.
We only want to send back the VLAN switching dot1x attributes if the
request comes from a particular huntgroup (containing devices that are
allowed to do dot1x), the problem being one of these attributes is
stored in LDAP (the actual VLAN number to put someone in).
The idea is that the RADIUS server is also going to process other
authentication requests aswell as dot1x requests, but to ensure that
nothing gets triggered on other devices (Wireless etc.) these attributes
can't be sent back devices that aren't allowed for dot1x.
We can't be the only people wanting to do this? Or do you have any other
suggestions as to how this can be achieved?
Thanks
Steve
--
Steven Carr
Systems Development Officer
SLS/ITS/Systems - (0191) 515 3953
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 257 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090708/0cbce411/attachment.pgp>
More information about the Freeradius-Users
mailing list