freeradius 3.0.13 LDAP - reply custom Vendor Specific
Alan DeKok
aland at deployingradius.com
Thu Nov 30 18:19:00 CET 2017
On Nov 30, 2017, at 12:08 PM, Paweł cit <pawelcit at gmail.com> wrote:
>
> I try many possibilities but still no luck. In documentation:
> http://wiki.freeradius.org/modules/Rlm_ldap there is:
> in file raddb/mods-available/ldap put:
>
> For Example:
> radiusReplyAttribute: Cisco-AVPair := "ip:addr-pool=dialin_pool"
That means you put the Cisco-AVPair into LDAP...
> So I try radiusReplyAttribute: Attr-26 := "0x483d342c20493d34" (with space
> between "bute: Attr" and without (both this gives error):
> update {
> control:Password-With-Header += 'userPassword'
> # control:NT-Password := 'ntPassword'
> reply:Reply-Message := 'radiusReplyMessage'
> radiusReplyAttribute: attr-26 := "0x483d342c20493d34"
i.e. you didn't read the comments in the "ldap" module configuration which described what that section does, and how it works.
> I also tried:
>
> post-auth {
> update {
> description := "Authenticated at %S"
Is "description" a RADIUS attribute?
No.
Why do you think that adding random things to random configuration files will do what you want? Do you believe that FreeRADIUS can read your mind?
> doest work either :(
See the FAQ for "it doesn't work".
The problem here goes deeper than just configuring FreeRADIUS. You're lost, and are *not* reading the documentation. Instead, you're just trying random things in the hope that they will magically work.
Don't do that. You need to *understand* things before editing them. And the documentation *does* help with understanding. I can't help you if you don't read it.
Alan DeKok.
More information about the Freeradius-Users
mailing list