[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: Active Directory Juniper mapping attribute - no local login-id configured
From: Alan DeKok <aland () deployingradius ! com>
Date: 2021-09-06 12:53:31
Message-ID: 3BBEEBF8-9950-4505-B10B-438D68A17AF4 () deployingradius ! com
[Download RAW message or body]
On Sep 3, 2021, at 2:43 PM, Steven Vacaroaia <stef97@gmail.com> wrote:
> I am trying to setup 2FA for my Juniper switches using Freeradius,
> Active Directory and Yubikey
> ...
> "..
> to make sure that the group of users that you're allowing access to
> the EXs gets the following vendor-specific attribute returned in their
> access-accept message:
>
> Vendor Code: 2636 (Juniper)
>
> Attribute:1 Juniper-Local-User-Name
>
> Value: "superUserClass"
>
> ..."
update reply {
Juniper-Local-User-Name := "foo"
}
> Do I have to modify AD schema and add those attributes or there is a
> better / smarter way to
> achieve the above ?
You can just add attributes.
> Any help/ instructions / ideas / documentation pointers will be
> greatly appreciated
$ man unlang
And see the many examples in radiusd.conf.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic