What capacity does radtest have to display custom attributes
Alan DeKok
aland at deployingradius.com
Tue Jul 11 20:59:33 CEST 2017
On Jul 11, 2017, at 2:48 PM, Mark Williams <markhw at vt.edu> wrote:
>
> I’ve been experimenting with the server, trying to get it to return arbitrary custom attributes (defined in dictionary.local) to the Radius-reply.
And what is the definition of those attributes? That would help...
> When I run radtest against the virtual-server I see the attributes being added and mentioned in the post-auth debug, but I never see the attribute on the client side of the radtest. Is radtest limited to only displaying officially defined attributes, or might I be doing something obviously ridiculous?
The RADIUS protocol can only transport attributes which are number 1..255, or VSAs. The comments in raddb/dictioanry explain this.
Note that just putting the attributes into dictionary.local isn't good enough. You will probably need to define a VSA. See share/dictionary.* for examples of defining vendor-specific dictionaries.
You will need a private enterprise number. Happily, vt.edu already has one: 1446. So define your own vendor space there, and know that you're not interfering with anyone else. :)
Alan DeKok.
More information about the Freeradius-Users
mailing list