(RADIATOR) EAP-TLS + LDAP

Hugh Irvine hugh at open.com.au
Fri Oct 22 18:24:09 CDT 2004 

Hello Miklos -

Could you please send me a copy of your configuration file (no secrets)  
and a complete trace 4 debug showing what is happening with what you  
have so far? I would like to see the contents of the radius requests so  
I can make suggestions.

regards

Hugh


On 22 Oct 2004, at 18:54, Tirpak Miklos wrote:

> Hello!
>
> I would like to use EAP-TLS as dot1x authentication, and get the vlan  
> name from LDAP after the successfull authentication. The search filter  
> has to contain the e-mail address of the user instead of the name,  
> because the name is not unique in our database. The searchfilter for  
> exapmle should be: uid=mtirpak at sztaki.hu
>
> The problem is, that the radius request does not contain the e-main  
> address as an attributte, it contains only the user name: User-Name =  
> "Miklos Tirpak". The e-mail address is in the eap message. Is there  
> any way to make the search filter based on the e-mail address? Like  
> %{some_attributte}, or with a script?
>
> The realm is also not included in the radius attributtes, so I have to  
> get is from the eap message. This is the same problem as above.
>
> Thanks,
> Miklos
>
> --  
> ----------------------------------------------------------------------- 
> ----
>   Miklos Tirpak
>   Computer and Automation Research Institute   e-mail :  
> mtirpak at sztaki.hu
>   Hungarian Academy of Sciences                phone  : (361) 279-6011
>   H-1132 Budapest, Victor Hugo u 18-22         fax    : (361) 279-6021
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list