(RADIATOR) Multiple authenticators - different attributes to return ...
Hugh Irvine
hugh at open.com.au
Fri Jun 18 02:45:31 CDT 2004
Hello Jon -
You should probably just use an AddToReply in each AuthBy - only the
one that accepts will have the reply attributes added.
Ie.
AuthByPolicy ContinueUntilAccept
<AuthBy LDAP2>
.....
AddToReply .....
</AuthBy>
<AuthBy ADSI>
.....
AddToReply .....
</AuthBy>
<AuthBy RADIUS>
.....
AddToReply .....
</AuthBy>
Note that the AuthBy RADIUS clause _must_ be the last one in the list.
regards
Hugh
On 18 Jun 2004, at 00:44, Dunster, Jon wrote:
> In a PEAP environment can anyone give me an idea how I might approach
> returning different attributes dependant on which of the authentication
> methods (ie. LDAP/RADIUS/NDS etc etc) succeeds ?
>
> I've tried the 'continuewhilereject'or similar method listing Authbys
> and
> whilst that works to authenticate it doesn't work with the return of
> the
> attributes to the AP.
>
> The idea is that I've two LDAP servers (one for each VLAN,
> effectively) and
> want to set up the 802.1x PEAP client machine vlan based on which it
> successfully authenticates against.
>
> Any ideas appreciated!
>
> Thanks,
>
> Jon
>
>
>
> -----
> This e-mail and any attachments contain information which is
> confidential
> and privileged. The information is intended only for the use of the
> individual or entity to whom it is addressed. If you are not the
> intended
> recipient you are hereby notified that any disclosure, copying,
> distribution
> or the taking of any action in reliance on the contents of this e-mail
> is
> strictly prohibited.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list