(RADIATOR) Multiple authenticators - different attributes to return ...

Hugh Irvine hugh at open.com.au
Tue Jun 22 00:38:22 CDT 2004


Hello Jon -

There was a patch for this I believe.

regards

Hugh


On 21 Jun 2004, at 20:03, Dunster, Jon wrote:

> I thought that we tried this before and the attributes never got 
> returned ?
>
> I will try again though.
>
> -----Original Message-----
> From: Hugh Irvine [mailto:hugh at open.com.au]
> Sent: 18 June 2004 08:46
> To: Dunster, Jon
> Cc: 'radiator at open.com.au' Mailinglist
> Subject: Re: (RADIATOR) Multiple authenticators - different attributes
> to return ...
>
>
>
> Hello Jon -
>
> You should probably just use an AddToReply in each AuthBy - only the
> one that accepts will have the reply attributes added.
>
> Ie.
>
> 	AuthByPolicy ContinueUntilAccept
>
> 	<AuthBy LDAP2>
> 		.....
> 		AddToReply .....
> 	</AuthBy>
>
> 	<AuthBy ADSI>
> 		.....
> 		AddToReply .....
> 	</AuthBy>
>
> 	<AuthBy RADIUS>
> 		.....
> 		AddToReply .....
> 	</AuthBy>
>
> Note that the AuthBy RADIUS clause _must_ be the last one in the list.
>
> regards
>
> Hugh
>
>
> On 18 Jun 2004, at 00:44, Dunster, Jon wrote:
>
>> In a PEAP environment can anyone give me an idea how I might approach
>> returning different attributes dependant on which of the 
>> authentication
>> methods (ie. LDAP/RADIUS/NDS etc etc) succeeds ?
>>
>> I've tried the 'continuewhilereject'or similar method listing Authbys
>> and
>> whilst that works to authenticate it doesn't work with the return of
>> the
>> attributes to the AP.
>>
>> The idea is that I've two LDAP servers (one for each VLAN,
>> effectively) and
>> want to set up the 802.1x PEAP client machine vlan based on which it
>> successfully authenticates against.
>>
>> Any ideas appreciated!
>>
>> Thanks,
>>
>> Jon
>>
>>
>>
>> -----
>> This e-mail and any attachments contain information which is
>> confidential
>> and privileged.  The information is intended only for the use of the
>> individual or entity to whom it is addressed.  If you are not the
>> intended
>> recipient you are hereby notified that any disclosure, copying,
>> distribution
>> or the taking of any action in reliance on the contents of this e-mail
>> is
>> strictly prohibited.
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>>
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>
>
> -----
> This e-mail and any attachments contain information which is 
> confidential
> and privileged.  The information is intended only for the use of the
> individual or entity to whom it is addressed.  If you are not the 
> intended
> recipient you are hereby notified that any disclosure, copying, 
> distribution
> or the taking of any action in reliance on the contents of this e-mail 
> is
> strictly prohibited.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.



NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list