[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: LDAP authentication using Radius

To: JET JETASIK <jet@transniaga.co.th>
Subject: RE: LDAP authentication using Radius
From: Aaron Richton <richton@nbcs.rutgers.edu>
Date: Thu, 16 Aug 2012 11:14:42 -0400 (EDT)
Cc: 'Howard Chu' <hyc@symas.com>, openldap-technical@openldap.org
In-reply-to: <003601cd7bbb$e5176970$af463c50$@transniaga.co.th>
References: <002601cd7a41$4cb89300$e629b900$@transniaga.co.th> <502AA938.5060303@symas.com> <002e01cd7a9c$ba6a2de0$2f3e89a0$@transniaga.co.th> <002e01cd7aca$89d43260$9d7c9720$@transniaga.co.th> <alpine.SOC.2.02.1208150832080.28711@toolbox.rutgers.edu> <000901cd7b63$ecb499d0$c61dcd70$@transniaga.co.th> <alpine.SOC.2.02.1208160744370.28711@toolbox.rutgers.edu> <003601cd7bbb$e5176970$af463c50$@transniaga.co.th>
User-agent: Alpine 2.02 (SOC 1266 2009-07-14)

On Thu, 16 Aug 2012, JET JETASIK wrote:

[2012/08/16|14:06:22.578125][02492][MINOR][ValidationTask::getNASLocationFro
mPacket] > No NAS-IP or NAS-Identifier attribute found.
[2012/08/16|14:06:22.578125][02492][MAJOR][ValidationTask::routePacket] >
Rejecting RADIUS request due to missing NAS Location

I don't see there is option to define the NAS-IP or NAS-Identifier in
/etc/radius.conf
Furthermore I dig into openldap's radius.c, only RAD_USER_NAME and
RAD_USER_PASSWORD(line 82, 86) attached into the request.
Please advise how to put NAS-IP/NAS-Identifier into the request, maybe using
rad_put_addr()  ?

I would think it would be easier to reconfigure your radius server toallow the queries in their existing form?

With that said, if you want to send additional attributes, a modificationto radius.c is probably the right track. You'd probably be best inquiringto the Radius community about how to do this -- I certainly don't knowtheir API off the top of my head and it's out of scope foropenldap-technical.

Follow-Ups:
- RE: LDAP authentication using Radius
  - From: "JET JETASIK" <jet@transniaga.co.th>

References:
- LDAP authentication using Radius
  - From: "JET JETASIK" <jet@transniaga.co.th>
- Re: LDAP authentication using Radius
  - From: Howard Chu <hyc@symas.com>
- RE: LDAP authentication using Radius
  - From: "JET JETASIK" <jet@transniaga.co.th>
- RE: LDAP authentication using Radius
  - From: "JET JETASIK" <jet@transniaga.co.th>
- RE: LDAP authentication using Radius
  - From: Aaron Richton <richton@nbcs.rutgers.edu>
- RE: LDAP authentication using Radius
  - From: "JET JETASIK" <jet@transniaga.co.th>
- RE: LDAP authentication using Radius
  - From: Aaron Richton <richton@nbcs.rutgers.edu>
- RE: LDAP authentication using Radius
  - From: "JET JETASIK" <jet@transniaga.co.th>

Prev by Date: RE: LDAP authentication using Radius
Next by Date: RE: LDAP authentication using Radius
Index(es):
- Chronological
- Thread