[RADIATOR] ERR: Bad attribute=value pair

Heikki Vatiainen hvn at open.com.au
Tue Jul 16 09:46:53 CDT 2013


On 07/16/2013 12:03 PM, Alexander Hartmaier wrote:

>         AuthAttrDef mobile,GENERIC,request
>         AuthAttrDef mail,GENERIC,request
>         AuthAttrDef memberof,GENERIC,request
> 
> This results in error messages in the log:
> Tue Jul 16 08:49:46 2013: ERR: Bad attribute=value pair: name at fqdn.org
> Tue Jul 16 08:49:46 2013: ERR: Bad attribute=value pair: +4312345678

GENERIC expects the values fetched from LDAP to be in
'AttributeName=value' format. Maybe this would work better:

 AuthAttrDef mobile,mobile,request
 AuthAttrDef mail,mail,request
 AuthAttrDef memberof,memberof,request

> Is this because mobile and mail are not in the dictionary?

No. Dictionary is only required if the attribute and its value need to
be packed in the network transfer format. That is, numbers instead of
attribute names etc.

> Why isn't the error also thrown for memberof?

Most likely because the memberof LDAP attribute value is in CN=...
format. When attribute is added in the request, CN is taken as the
attribute name and the rest (...) as the value.

Thanks,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list