DD> On Wed, 12 Jan 2005, Costas Christonis wrote: >> GC> Hello, >> >> GC> Costas Christonis wrote: >> >> Hi to all, >> >> i'm trying to set the telnet access to my users through radius and ldap >> >> server. >> >> What i did untill now is that everyone tha has the attribute >> >> "Service-type" with the value "exec-user" can telnet to my cisco >> >> switches and routers in privilege level 5. >> >> I insert the attribute "Ciscoavpair" with the value >> >> "exec:priv-lvl=0" or with the value "exec:privilege-level=0" but >> >> nothing happens, everyone can telnet to my switches and logon >> >> privilege level 5. >> >> GC> It's called Cisco-AVPair not CiscoAVPair. >> >> >> Can anyone help me? >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> Best regards >> >> GC> Best Regards, >> >> >> Yes that's correct but in LDAP the attribut is radiusciscovapair anyway >> is that right? so i don't think tha the problem is that... >>
DD> do you have ldap.attrmap setup to map Cisco-AVPAir to radiusciscovapair as DD> a reply item? DD> What are you actually sending back in your reply? Radiusd -X will show DD> you that. DD> - DD> List info/subscribe/unsubscribe? See DD> http://www.freeradius.org/list/users.html Hello Dustin and thanks for your response..... What excactly do i have to do with the ldap.attrmap? Is there any doc to read about it? Cause the only thing that i did is to insert the ldap attribute in the account and to do some tests.... Ευχαριστώ Costas A. Christonis Networking & Communications Centre Gallos Campus - University of Crete email: [EMAIL PROTECTED] http://www.ucnet.uoc.gr/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
