(RADIATOR) Reply-Attribute definition doesn't work
Hugh Irvine
hugh at open.com.au
Mon Feb 25 17:35:39 CST 2002
Hello Bjoern -
There are two ways of doing what you are trying to do, and I suspect you are
mixing them up.
When you use an AuthAttrDef, you can either specify the radius attribute in
the AuthAttrDef itself and the value only in the database, or you can use the
GENERIC form and specify the radius attribute and the value in the database.
In other words, if you specify this:
AuthAttrDef usercallbacknumber, Callback-Number, reply
the "usercallbacknumber" field would contain the number only.
111222333
If you specify this:
AuthAttrDef usercallbacknumber, GENERIC, reply
the "usercallbacknumber" field would contain the attribute and the number.
Callback-Number = 111222333
In neither case should you use the ReplyAttr in addition to the above.
regards
Hugh
>
> the nas-device should be reply the value of the ldap-attribute
> usercallbacknumber in the RADIUS-attribute callback-number. For this I've
> define in the radiator.cfg following configuration:
>
> <AuthBy LDAP2>
> ......
> AuthAttrDef usercallbacknumber, Callback-Number, reply
> ReplyAttr usercallbacknumber
> AddToReply Service-Type = Framed-User,\
> Framed-Protocol = PPP
> </AuthBy>
>
> With this configuration it have worked a time, but by now it doesn't work.
> In the logfile is logged following error-message:
>
> Mon Feb 25 15:14:04 2002: DEBUG: LDAP got usercallbacknumber: <phonenumber>
> Mon Feb 25 15:14:04 2002: ERR: Bad attribute=value pair: <phonenumber>
> .....
> Attributes:
> Service-Type = Framed-User
> Framed-Protocol = PPP
>
> With the LDAP-value usercallbacknumber: usercallbacknumber=<phonenumber>
> I've got following logfile entry:
>
> Mon Feb 25 15:35:08 2002: DEBUG: LDAP got usercallbacknumber:
> usercallbacknumber=<phonenumber>
> .....
> Mon Feb 25 15:35:08 2002: WARNING: No such attribute usercallbacknumber
> .....
> Attributes:
> usercallbacknumber = <phonenumber>
> Service-Type = Framed-User
> Framed-Protocol = PPP
>
>
> It is not possible to set prefix-value in the LDAP-Database. But in all
> cases (independent if there is a prefix set or not) there were no
> RADIUS-CallBack-Number reply logged on the cisco-Router. What is wrong with
> this configuration?
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list