Hello everybody, Yesterday I ran into deep problems trying to configure freeradius 0.9.0 for so called authenticated switch access (asa) which is a feature of alcatel (formerly xylan) lan switches enabling them to query a radius server for user authentication.
My users file looks like: ... user2 Auth-Type := Local, User-Password == "testpw" Alcatel-Access-Priv = "Alcatel-Read-Priv", Alcatel-Access-Priv = "Alcatel-Write-Priv", Alcatel-Access-Priv = "Alcatel-Admin-Priv" ... My vendor specific dictionary file looks like: ... ATTRIBUTE Alcatel-Access-Priv 16 integer Alcatel VALUE Alcatel-Access-Priv Alcatel-Read-Priv 1 VALUE Alcatel-Access-Priv Alcatel-Write-Priv 2 VALUE Alcatel-Access-Priv Alcatel-Admin-Priv 3 ... My configuration seems to be working fine so far, because 'user2' is authenticated by the radius server an can login to the device. But now the problem arises: I need the user to get assigned all of the three privileges that I mentioned above concurrently and not alternatively. At the moment my user only gets read, write or admin access - the actually assigned privilege depends on the sequence of privileges for user2 in my users-file (only the first privilege is assigned). Maybe there's anybody out there who got an idea of how to solve this problem and return all of the three integer values for the attribute 'Alcatel-Access-Priv' in one radius-reply. Thanks in advance. Stephan -- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html