(RADIATOR) Simple conditional Reply item
Hugh Irvine
hugh at open.com.au
Tue Mar 6 15:29:59 CST 2007
Hello Peter -
Try this:
<Handler TunnelledByPEAP=1>
RewriteUsername s/^([^@]+).*/$1/
RejectHasReason
AuthByPolicy ContinueWhileAccept
AuthBy TestUP
<AuthBy FILE>
Filename %D/users.vlans
<AuthBy>
</Handler>
regards
Hugh
On 7 Mar 2007, at 03:54, Peter Bates wrote:
>
> Hello all...
>
>> On 02/03/07 at 20:17, Hugh Irvine <hugh at open.com.au> wrote:
>>
>> <Handler xxx>
>> <AuthBy FILE>
>> Filename %D/users.blah
>> </AuthBy>
>> </Handler>
>>
>> then in "%D/users.blah:
>>
>> # users.blah
>>
>> blah
>> Aruba-User-Vlan = 11
>>
>> DEFAULT
>> Aruba-User-Vlan = 666
>
> I've tried the above, and not being very successful so far.
> However, I might be missing something.
> My actual Handler looks like (with logging and bits removed for
> brevity):
>
> <Handler TunnelledByPEAP=1>
> RewriteUsername s/^([^@]+).*/$1/
> AuthBy TestUP
> RejectHasReason
> AddToReply Aruba-User-Vlan=11
> </Handler>
>
> The 'TestUP' AuthBy checks usernames/passwords against Novell
> eDirectory.
>
> Should it include
>
> <Handler TunnelledByPEAP=1>
> RewriteUsername s/^([^@]+).*/$1/
> AuthBy TestUP
> RejectHasReason
> <AuthBy FILE>
> Filename %D/users.vlans
> <AuthBy>
> </Handler>
>
> instead? (with the DEFAULT/username elements in users.vlans as you
> describe)
>
> I'm guessing maybe I'm missing an 'AuthByPolicy' or something?
>
> Thanks.
>
> --
>
> ----------------------------------------------------------------------
> ----------------------------->
> Peter Bates, Systems Support Officer, IT Services.
> London School of Hygiene & Tropical Medicine.
> Telephone:0207-958 8353 / Fax: 0207- 636 9838
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list