Security

Reply
New Contributor
Posts: 2
Registered: ‎10-20-2015

ClearPass custom RADIUS reply-message(18) based on memberOf

Can anyone think of a way for ClearPass to generate a custom RADIUS reply-message based on a filtered memberOf string for an authenticated user?

 

I am trying to work with a device that can give users options based on what RADIUS returns in the reply-message.  I would like to use the memberOf string from an AD query but in alot of cases that string is longer than the reply-message string.  So I need a way to filter the memberOf string before inserting it to the reply-message.

 

Any ideas?

Guru Elite
Posts: 8,191
Registered: ‎09-08-2010

Re: ClearPass custom RADIUS reply-message(18) based on memberOf

You can put any ClearPass variable into that reply, the problem is memerOf
returns a lot of different items.

Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
New Contributor
Posts: 2
Registered: ‎10-20-2015

Re: ClearPass custom RADIUS reply-message(18) based on memberOf

OK, so can I stick the memberOf string in a ClearPass variable and then generate a reply-message based on a query of that variable(string)?


So for example:

memberOf = "CN=Domain Admins, CN=Domain Users, CN=Registered User, CN=VPN Use";

String variable;

If memberOf CONTAINS "CN=Domain Admins" variable +="Domain Admin";

If memberOf CONTAINS "CN=VPN User" variable+="Domain User";

 

Guru Elite
Posts: 8,191
Registered: ‎09-08-2010

Re: ClearPass custom RADIUS reply-message(18) based on memberOf

It's going to be the raw output. You only add to the beginning or end.

Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
Search Airheads
Showing results for 
Search instead for 
Did you mean: