Security

Reply
Occasional Contributor II

Dynamic Comparison in Role Map

I'm looking for a way to compare two dynamic values in a role map. I'd like to compare the first four characters of Host:Name with the first four characters of RADIUS:IETF:Called-Station-Id.

 

Something like "Host:Name begins_with left(%{RADIUS:IETF:Called-Station-ID},4)" would be perfect if an Excel like left() fuction was a thing.

 

Is something like this possible in a role map or do I need to configure/build something else first to make the role map comparison easier?

 

 

Guru Elite

Re: Dynamic Comparison in Role Map

What is the use case here?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: Dynamic Comparison in Role Map

My company has several locations. We want to identify when a device moves from one location to another. 

Guru Elite

Re: Dynamic Comparison in Role Map

Comparing partial values between two dynamic sources is not possible today.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: Dynamic Comparison in Role Map

Do you know if it's possible to create a custom attribute that could be built from %{RADIUS:IETF:Called-Station-ID}? i.e. Taking part of the Called-Station-ID and storing it in Connection:Custom-Attribute?

Guru Elite

Re: Dynamic Comparison in Role Map

Likely possible with lots of custom SQL.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: