Error parsing VSA
D C
dc12078 at gmail.com
Thu Apr 14 05:01:56 CEST 2016
Trying to get freeradius 2.1.12 to work with a citrix netscaler.
my setup works will a pile of other vendors, so i figured it would also be
just as simple as adding a new reply-item to my ldap profile.
>From the output below you can see my other vsa's are being sent back to the
nas no problem. But I can't figure out it can't parse my latest one.
[ldap] extracted attribute Juniper-Local-User-Name from generic item
Juniper-Local-User-Name := "super-users"
[ldap] extracted attribute Cisco-AVPair from generic item Cisco-AVPair+=
"shell:priv-lvl=15"
[ldap] extracted attribute Fortinet-Group-Name from generic item
Fortinet-Group-Name = "SUPER_ADMIN"
[ldap] parsing radiusReplyItem failed: Citrix-User-Groups =
"SUPER_ADMIN_CTX"
Not sure if it's supposed to be Citrix-User-Groups, or CTXUserGroups, but
i'll figure that out once I can get freeradius to even send the reply-item.
I tried adding a dictionary that I googled. attached below:
# -*- text -*-
# Copyright (C) 2015 The FreeRADIUS Server project and contributors
##############################################################################
#
# Citrix VSAs
#
# $Id: 868b203ab45b47533d9b53862cfc271251aa7f17 $
#
##############################################################################
VENDOR Citrix 66
BEGIN-VENDOR Citrix
ATTRIBUTE Citrix-UID 10 integer
ATTRIBUTE Citrix-GID 11 integer
ATTRIBUTE Citrix-Home 12 string
ATTRIBUTE Citrix-Shell 13 string
ATTRIBUTE Citrix-Group-Names 14 string
ATTRIBUTE Citrix-Group-Ids 15 string
ATTRIBUTE Citrix-User-Groups 16 string
END-VENDOR Citrix
Thanks,
Dan
More information about the Freeradius-Users
mailing list