rlm_perl to authenticate against data in ldap

Ivan Kalik tnt at kalik.net
Thu May 14 12:33:05 CEST 2009


> I browsed the mailing list for possible solutions to the problem I have
> but unfortunately I didn't find any (or something I missed I dunno)
>
> We have this Cisco ISG 7301 router that we are using that are passing the
> Remote-ID av pair as its User-Name (just a copy not that it matters)
> Now, the remote ID format is ascii in format but hexadecimal in meaning
> 0000079d010100660000000000000000000050544e55544147303033000705000064
>
> We would only want to authenticate the part after the 20 zeroes
> "50544e55544147303033000705000064". By the way the length before this
> substring is always fixed (18 bytes) so we only want the part after 18
> bytes.
>
> is it possible to parse this string in perl then passing the result string
> to ldap for authentication?

Yes, it will be passed as $RAD_REQUEST{'User-Name'}. Rewrite the username
to what you think it should be in perl. Just list perl before ldap in
authorize.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list