Possible little extension to dictionnary.h3c
Mathieu Simon (Lists)
matsimon.lists at simweb.ch
Sun Jan 19 23:22:28 CET 2014
G'day
While trying to figure out how I could tuck the admin auth to our
FreeRADIUS for some of our 3Com 2928 switches which seemingly were made
by H3C and thus behave a little different from standard 3Com comware
devices. (HP has relabeled them, now known as HP 1910 series)
After some searching I came across a forum post on HP's pages where a
user mentioned how he got it working.* Thankfully he included his
modified dictionnary.h3c which adds a single H3C-specific
Hw_Exec_Privilege attribute which seems to do the trick for those boxes.
Although it seems to work for me, if it's not completely wrong what
about taking that little change upstream for the benefit of others?
I've tested this on a old FR 2.1.12 on Debian, but it seems the H3C
dict hasn't changed for some time and thus the patch should also apply
on 2.x and 3.x branches.
--- dictionary.h3c 2014-01-19 23:08:05.016784021 +0100
+++ dictionary.h3c.new 2014-01-19 23:09:48.832375719 +0100
@@ -18,4 +18,11 @@
ATTRIBUTE H3C-Ip-Host-Addr 60 string
ATTRIBUTE H3C-Product-ID 255 string
+ATTRIBUTE Hw_Exec_Privilege 29 integer
+
+VALUE Hw_Exec_Privilege H3C-Visitor 0
+VALUE Hw_Exec_Privilege H3C-Monitor 1
+VALUE Hw_Exec_Privilege H3C-Manager 2
+VALUE Hw_Exec_Privilege H3C-Administrator 3
+
END-VENDOR H3C
-- Mathieu Simon
* For correct references:
http://h30499.www3.hp.com/t5/Web-and-Unmanaged/V1910-radius-server-Level-privilege/td-p/2367841#.UtxHVBCIVaQ
More information about the Freeradius-Users
mailing list