You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Users in DualShield have attributes such as the name of the domain they belong to, or the names of the groups they are member of, etc. Below is a list of commonly used user attributes:

 

-          loginName

-          domain.name

-          unit.name

-          groups.name

 

For example, to map the RADIUS attribute IETF/User-Name to a user's login name:

 

    

 

Group Names

 

Group name is slightly more complicated. However. A user may be a member of more than one group, therefore the attribute "groups.name" will return an array of group names. If you needs it to print the list of name as a comma separated values then you need to use the "join" function:

 

groups.name.join(',')

               

If you just want the name of the first group, then it is:

 

groups[0].name

 

IETF/Class

 

The RADIUS attribute "class" has the data type called "octets". In DualShield, there is no such data type. You must use the hexadecimal value of the data or use the "bytes" function:

 

1.    If the value is a fixed value, use the hexadecimal form of the value. For example, if the value is "123", then use "313233".

2.    If the value is a dynamic value, use the function "bytes" to get the value. For example, "domain.name.bytes"

 

     

 

There are several other RADIUS attributes that are defined as "octets" Please refer to:

http://opensource.apple.com/source/freeradius/freeradius-11/freeradius/share/dictionary.rfc2865