rest module to send simple API call to Infoblox for Mac Auth

[Alan DeKok]

On Sep 25, 2024, at 7:40 AM, <dominic.stalder at unibe.ch> <dominic.stalder at unibe.ch> wrote:
> Still struggling with assigning a value to the local / custom attribute:
> 
> 1. added it to /etc/freeradius/dictionary like this:
> 
> --> does it need to have a naming like My-Local-xxx or are we completely free there?

  The name has to be unique.

> ATTRIBUTE   My-Local-Calling-Station-Id-Colon   3000  string

  That's good.

> 2. tried to add a value to the local / custom attribute in /etc/freeradius/policy.d/canonicalization:
> 
> rewrite_calling_station_id {
>   if (&Calling-Station-Id && (&Calling-Station-Id =~ /^${policy.mac-addr-regexp}$/i)) {
>      update request {
>         &Calling-Station-Id := "%{toupper:%{1}-%{2}-%{3}-%{4}-%{5}-%{6}}"
> 
>         &My-Local-Calling-Station-Id-Colon := "Test"
>      }

  That should work.

> 3. Not able to get the value into /etc/freeradius/mods-available/rest --> the local / custom attribute has an empty value

  No.

  You need to read the debug output.

  i.e. did it run the "rewrite_calling_station_id" policy?  If so, which "if" condition did it run?  Why?

  The point of the debug output is to read it.  You can't just send the server a packet, look at the "rest" module, and then ignore the rest of it.  So read it.  ALL of it.  Think about what it's doing.

> I do not see any attribute with Name "My-Local-Calling-Station-Id-Colon" in the freeradius debug output as well.

  You (a) saw it run the rewrite_calling_station_id policy, or (b) saw it NOT run the rewrite_calling_station_id policy.

  Which one happened?

  Read the debug output.

  Alan DeKok.