(RADIATOR) Simple conditional Reply item

Hugh Irvine hugh at open.com.au
Tue Mar 6 15:29:59 CST 2007


Hello Peter -

Try this:

<Handler TunnelledByPEAP=1>

	RewriteUsername       s/^([^@]+).*/$1/
	RejectHasReason

	AuthByPolicy ContinueWhileAccept

	AuthBy TestUP

     <AuthBy FILE>
               Filename %D/users.vlans
      <AuthBy>

</Handler>


regards

Hugh



On 7 Mar 2007, at 03:54, Peter Bates wrote:

>
> Hello all...
>
>> On 02/03/07 at 20:17, Hugh Irvine <hugh at open.com.au> wrote:
>>
>> <Handler xxx>
>> 	<AuthBy FILE>
>> 		Filename %D/users.blah
>> 	</AuthBy>
>> </Handler>
>>
>> then in "%D/users.blah:
>>
>> # users.blah
>>
>> blah
>> 	Aruba-User-Vlan = 11
>>
>> DEFAULT
>> 	Aruba-User-Vlan = 666
>
> I've tried the above, and not being very successful so far.
> However, I might be missing something.
> My actual Handler looks like (with logging and bits removed for
> brevity):
>
> <Handler TunnelledByPEAP=1>
> RewriteUsername       s/^([^@]+).*/$1/
> AuthBy TestUP
> RejectHasReason
> AddToReply Aruba-User-Vlan=11
> </Handler>
>
> The 'TestUP' AuthBy checks usernames/passwords against Novell
> eDirectory.
>
> Should it include
>
> <Handler TunnelledByPEAP=1>
> RewriteUsername       s/^([^@]+).*/$1/
> AuthBy TestUP
> RejectHasReason
>     <AuthBy FILE>
>               Filename %D/users.vlans
>      <AuthBy>
> </Handler>
>
> instead? (with the DEFAULT/username elements in users.vlans as you
> describe)
>
> I'm guessing maybe I'm missing an 'AuthByPolicy' or something?
>
> Thanks.
>
> --  
>
> ---------------------------------------------------------------------- 
> ----------------------------->
> Peter Bates, Systems Support Officer, IT Services.
> London School of Hygiene & Tropical Medicine.
> Telephone:0207-958 8353 / Fax: 0207- 636 9838
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list