(RADIATOR) Reply-Attribute definition doesn't work

Hugh Irvine hugh at open.com.au
Mon Feb 25 17:35:39 CST 2002


Hello Bjoern -

There are two ways of doing what you are trying to do, and I suspect you are 
mixing them up.

When you use an AuthAttrDef, you can either specify the radius attribute in 
the AuthAttrDef itself and the value only in the database, or you can use the 
GENERIC form and specify the radius attribute and the value in the database.

In other words, if you specify this:

	AuthAttrDef     usercallbacknumber, Callback-Number, reply

the "usercallbacknumber" field would contain the number only.
	
	111222333

If you specify this:

	AuthAttrDef     usercallbacknumber, GENERIC, reply

the "usercallbacknumber" field would contain the attribute and the number.

	Callback-Number = 111222333

In neither case should you use the ReplyAttr in addition to the above.


regards

Hugh


>
> the nas-device should be reply the value of the ldap-attribute
> usercallbacknumber in the RADIUS-attribute callback-number. For this I've
> define in the radiator.cfg following configuration:
>
> <AuthBy LDAP2>
>            ......
> AuthAttrDef     usercallbacknumber, Callback-Number, reply
>         ReplyAttr       usercallbacknumber
>         AddToReply      Service-Type = Framed-User,\
>                         Framed-Protocol = PPP
> </AuthBy>
>
> With this configuration it have worked a time, but by now it doesn't work.
> In the logfile is logged following error-message:
>
> Mon Feb 25 15:14:04 2002: DEBUG: LDAP got usercallbacknumber: <phonenumber>
> Mon Feb 25 15:14:04 2002: ERR: Bad attribute=value pair: <phonenumber>
> .....
> Attributes:
>         Service-Type = Framed-User
>         Framed-Protocol = PPP
>
> With the LDAP-value usercallbacknumber: usercallbacknumber=<phonenumber>
> I've got following logfile entry:
>
> Mon Feb 25 15:35:08 2002: DEBUG: LDAP got usercallbacknumber:
> usercallbacknumber=<phonenumber>
> .....
> Mon Feb 25 15:35:08 2002: WARNING: No such attribute usercallbacknumber
> .....
> Attributes:
>         usercallbacknumber = <phonenumber>
>         Service-Type = Framed-User
>         Framed-Protocol = PPP
>
>
> It is not possible to set prefix-value in the LDAP-Database. But in all
> cases (independent if there is a prefix set or not) there were no
> RADIUS-CallBack-Number reply logged on the cisco-Router. What is wrong with
> this configuration?
>



-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list