"David L Wolford" <[EMAIL PROTECTED]> wrote: > A sniffer trace of the attempted authentication reveals that the > Freeradius does request the attributes that I am interested in > (x121address and edupersonprimaryaffiliation) and does receive the > values back from LDAP. My problem is that these values are not then > passed on to the Bluesocket gateway. What am I missing?
Those attributes are defined in LDAP, but not in RADIUS. Therefore, they can't go into a RADIUS packet. > Portion of ldap.attrmap follows: > > checkItem radiusx121address x121address > checkItem edupersonprimaryaffiliation > edupersonprimaryaffiliation The last column should be RADIUS attributes, as defined in a dictionary file. If you didn't define those attributes in a dictionary, then they will never go into a packet. In addition, if the Bluesocket gateway doesn't mention those attributes in it's documentation, then it won't understand them in a RADIUS packet. Please read the bluesocket docs to see what RADIUS attributes it understands. Then, see if those attributes are in the FreeRADIUS dictionaries. If they're not, add them. Then, make FreeRADIUS send those attributes. See "man dictionary" for additional details. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
