Active Directory Juniper mapping attribute - no local login-id configured
Alan DeKok
aland at deployingradius.com
Mon Sep 6 14:53:31 CEST 2021
On Sep 3, 2021, at 2:43 PM, Steven Vacaroaia <stef97 at gmail.com> wrote:
> I am trying to setup 2FA for my Juniper switches using Freeradius,
> Active Directory and Yubikey
> ...
> "..
> to make sure that the group of users that you're allowing access to
> the EXs gets the following vendor-specific attribute returned in their
> access-accept message:
>
> Vendor Code: 2636 (Juniper)
>
> Attribute:1 Juniper-Local-User-Name
>
> Value: "superUserClass"
>
> ..."
update reply {
Juniper-Local-User-Name := "foo"
}
> Do I have to modify AD schema and add those attributes or there is a
> better / smarter way to
> achieve the above ?
You can just add attributes.
> Any help/ instructions / ideas / documentation pointers will be
> greatly appreciated
$ man unlang
And see the many examples in radiusd.conf.
Alan DeKok.
More information about the Freeradius-Users
mailing list