custom AVPs from LDAP in AccessAccept packet
Stefano Zanmarchi
zanmarchi at gmail.com
Mon Mar 12 18:36:16 CET 2012
hi,
we have a central radius server (LDAP user store) talking to a
department radius server connected to an AP.
I can't change the LDAP, so I can't use the radiusprofile objectclass.
I'd like to configure the central radius server to send custom AVPs
fetched from the LDAP to the department radius server.
The department radius server (which is proxying AccessRequests to the
central radius server) will then unlang these custom
AVPs contained in the AccessAccept packet to set the appropriate VLAN Id.
I've mapped ldap attributes in the ldap.attrmap of the central radius
server (eg: replyItem Campus-Usage-Right diritto8021x)
but am now a bit confused on how to go on.
Should I now define a custom dictionary file that that the central
radius server and the department radius server must share?
Or should I rather add entries in /etc/raddb/dictionary of the central
radius server (eg ATTRIBUTE Campus-Usage-Right 1 string)?
Thank you very much in advance for your help,
Stefano
More information about the Freeradius-Users
mailing list