Re: [RADIATOR] Read LDAP attributes

Fri, 10 Jun 2022 01:50:20 -0700 

Hello Viktu -

Can you please send us a Trace 4 debug showing what is happening?

thanks and regards

Hugh

> On 10 Jun 2022, at 18:34, Víktu Pons i Colomer <vi...@rectorat.url.edu> wrote:
> 
>  Hi all,
>  
> I am trying to configure Radiator server to set VLAN per user.
> I have tried with AD group membership and LSA authentication, but it does not 
> work if the users belong to nested groups.
>  
> Now I try to perform the authentication by LSA as well, but trying to use 
> LDAP2 to read an attribute where we have the user’s VLAN.
>  
> But I am facing an issue: If I try to read the TelePhoneNumber attribute, for 
> instance, it works, but if I try to read the Pager nothing appears in the 
> logs and ignores the configuration.
> I attach the configuration below.
>  
> Any ideas? Thanks!
>  
> <AuthBy LSA>
>                Identifier LSA_Staff
>                EAPType MSCHAP-V2
>                AutoMPPEKeys
>                UsernameMatchesWithoutRealm
>                NoDefault
> </AuthBy>
>  
> <AuthBy LDAP2>
>                               Identifier LDAP_AD
>                               Host -
>                               Port -
>                               AuthDN -
>                               AuthPassword    -
>                               UsernameAttr sAMAccountName
>                               AuthAttrDef pager,Tunnel-Private-Group-ID,reply
>                               # AuthAttrDef 
> TelePhoneNumber,Tunnel-Private-Group-ID,check
>                               NoEAP
>                               NoDefault
> </AuthBy>
>  
> <AuthBy GROUP>
>                Identifier Auth_Staff
>                AuthByPolicy ContinueUntilRejectOrChallenge
>                AuthBy LSA_Staff
>                AuthBy LDAP_AD
>                AddToReplyIfNotExist Tunnel-Type =0:VLAN,Tunnel-Medium-Type 
> =0:Ether_802
> </AuthBy>
>  
>  
> --------------------------
> Viktu Pons i Colomer
> --------------------------
>  
>  
> _______________________________________________
> radiator mailing list
> radiator@lists.open.com.au
> https://lists.open.com.au/mailman/listinfo/radiator


--

Hugh Irvine
h...@open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc. 
Full source on Unix, Linux, Windows, macOS, Solaris, VMS, NetWare etc.

_______________________________________________
radiator mailing list
radiator@lists.open.com.au
https://lists.open.com.au/mailman/listinfo/radiator

Reply via email to