Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 3:06 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 1 post ] 
Author Message
PostPosted: Tue May 15, 2012 3:41 pm 
Offline
Yubico Team
Yubico Team

Joined: Mon Feb 22, 2010 9:49 am
Posts: 183
Recently we have received a few mails asking about how YubiRADIUS returns the group membership information of the user.

YubiRADIUS returns user's group membership information as RADIUS attribute = 25 i.e. "CLASS".

If you wish you use this information in the authentication process by your client, you should

a) YRVA configuration:

1. You need to enable the 'Return user's Group Membership in RADIUS response’.

Typically 'Response format' is set as:

'cn= <Group name>;' (without quotes)

Goto “YubiRADIUS Virtual Appliance” >> Under “Domain” TAB select “domain name” >> Select “Configuration” >> Enable “Return user's Group Membership in RADIUS response” >> Enter group information in “Response format” as,

“cn= “<Group name>”;”

Under “Group return information” select which ever is required either “Group DN” or “Group Name”

2. You can add client as per device IP and the client secret.


b) set the RADIUS attribute to 25 or CLASS in your device's configuration (please refer to user guide of your device for more details).


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group