(RADIATOR) LSA and reply attributes

Hugh Irvine hugh at open.com.au
Tue Jun 14 05:33:06 CDT 2005


Hello Jose -

As the AuthBy LSA clause only does authentication, you will probably  
need to use an AuthBy LDAP clause as well to get the Profile attribute.

Something like this:

         AuthByPolicy ContinueAlways

         <AuthBy LDAP2>
                 # get the Profile attribute
                 .....
         </AuthBy>

         <AuthBy LSA>
                 # do the authentication
                 .....
         </AuthBy>


hope that helps

regards

Hugh


On 14 Jun 2005, at 20:00, Jose Maria Fernandez wrote:

> Hi all,
>
> Does anybody know how can I send reply attributes using Authby LSA?.
> We have an extended schema in AD, and one of the extended  
> attributes is a Profile attribute. We like to use this attribute to  
> return a reply attribute Class, in order to assign IPs, Vlans, etc  
> in our NASs. We know it is posible using LDAP authentication, SQL  
> authentication, but we want to use TTLS (PAP/TTLS, no problem with  
> LDAP) and PEAP too. The best way to use PEAP is Authby LSA, but how  
> about reply attributes...?
>
> Thanks in advance,
>
> Jose Maria Fernandez
> Universidad de Oviedo
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>


NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list