freeradius 3.0.13 LDAP - reply custom Vendor Specific
Paweł cit
pawelcit at gmail.com
Thu Nov 30 17:17:08 CET 2017
I have a feeling that you mistook Supermicro's IPMI with freeIPA. Am I
right?
freeradius is just using freeipa's user database. I try to configure
freeradius to work with IPMI. My problem is similar to this:
http://lists.freeradius.org/pipermail/freeradius-users/2015-October/080240.html
I still have no idea how to connect IPMI to freeradius. In Supermicro's
documentation there's only:
2.2. Configuring User information
#vi /etc/raddb/users
Example:
myuser Auth-Type :=Local, User-Password == “123456”
Vendor-Specific = “H=4, I=4”
testuser Auth-Type :=Local, User-Password == “654321”
Vendor-Specific = “H=3, I=3”
2.3. Configuring Client information
#vi /etc/raddb/client.conf
Example:
client 192.168.0.200 {
secret = radiustest
shortname = ikvmdevice
client 192.168.0.100 {
secret = radiustest
shortname = osaka
In my case difference is that I have user's in LDAP, not in file.
2017-11-30 16:53 GMT+01:00 Alan DeKok <aland at deployingradius.com>:
>
> > On Nov 30, 2017, at 10:48 AM, Paweł cit <pawelcit at gmail.com> wrote:
> >
> > H and I are attributes required by IPMI to distinguish admin user from
> > readonly user.
>
> I think you didn't read my message.
>
> "H" and "I" are *NOT RADIUS ATTRIBUTES*. You CANNOT INVENT MAGIC
> NUMBERS FOR THEM IN RADIUS AND EXPECT IT TO WORK.
>
> Is that clear?
>
> What part of the FreeIPA documentation told you to edit the "dictionary"
> file and add those as attributes?
>
> Alan DEKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
>
More information about the Freeradius-Users
mailing list