(RADIATOR) Multiple authenticators - different attributes to return ...

Hugh Irvine hugh at open.com.au
Fri Jun 18 02:45:31 CDT 2004


Hello Jon -

You should probably just use an AddToReply in each AuthBy - only the 
one that accepts will have the reply attributes added.

Ie.

	AuthByPolicy ContinueUntilAccept

	<AuthBy LDAP2>
		.....
		AddToReply .....
	</AuthBy>

	<AuthBy ADSI>
		.....
		AddToReply .....
	</AuthBy>

	<AuthBy RADIUS>
		.....
		AddToReply .....
	</AuthBy>

Note that the AuthBy RADIUS clause _must_ be the last one in the list.

regards

Hugh


On 18 Jun 2004, at 00:44, Dunster, Jon wrote:

> In a PEAP environment can anyone give me an idea how I might approach
> returning different attributes dependant on which of the authentication
> methods (ie. LDAP/RADIUS/NDS etc etc) succeeds ?
>
> I've tried the 'continuewhilereject'or similar method listing Authbys 
> and
> whilst that works to authenticate it doesn't work with the return of 
> the
> attributes to the AP.
>
> The idea is that I've two LDAP servers (one for each VLAN, 
> effectively) and
> want to set up the 802.1x PEAP client machine vlan based on which it
> successfully authenticates against.
>
> Any ideas appreciated!
>
> Thanks,
>
> Jon
>
>
>
> -----
> This e-mail and any attachments contain information which is 
> confidential
> and privileged.  The information is intended only for the use of the
> individual or entity to whom it is addressed.  If you are not the 
> intended
> recipient you are hereby notified that any disclosure, copying, 
> distribution
> or the taking of any action in reliance on the contents of this e-mail 
> is
> strictly prohibited.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list