-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/19/2013 11:41 AM, Fabrice DURAND wrote:
> Hello Jason,
>
> in packetfence-tunnel file (for 802.1x) in the section authorize,
> use: update request { Tmp-String-0 := ¨EMPLOYEE¨ }
How would I handle multiple different groups? We have EMPLOYEE, LAB,
ADMIN, etc... Will something like this work?
switch Ldap-group {
case "cn=employee,ou=groups,o=myorg" {
update request {
Tmp-String-0 := ¨EMPLOYEE¨
}
}
case "cn=lab,ou=groups,o=myorg" {
update request {
Tmp-String-0 := ¨LAB¨
}
}
etc...
}
> Then in the request forwarded to packetfence in the file
> /usr/local/pf/lib/pf/radius/custom.pm write your own authorize and
> _parseRequest function (copy it from radius.pm) and you should see
> _parseRequest($radius_request) this function must return a new
> attribute based of the radius attribute Tmp-String-0.
So essentially I should check $radius_request->{'Tmp-String-0'}, match
on the appropriate value, and then return a new attribute, $vlanname
maybe? Just tack that on to the end of the existing return?
> So with this new attribute you should be able to set a category for
> the node and then associate a category to a vlan id (vlan/custom.pm
> getNormalVlan)
And then the return from the previous will map here to the vlan I
need.. Specifically, I'm looking to use the "name" of the vlan in
packetfence, so normalVlan, customVlan1, etc. ?
> Regards Fabrice
- --
- ---------------------------
Jason 'XenoPhage' Frisvold
[email protected]
- ---------------------------
"Any sufficiently advanced magic is indistinguishable from technology.\"
- - Niven's Inverse of Clarke's Third Law
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlFxg7MACgkQO80o6DJ8UvnnlgCffq4H5D2twd9Y6t1XYEELQffL
FvoAoIAVqaPmkLHQL6c2LHUunpGHhmBg
=N7nA
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
