Forum Discussion
janholtz
May 04, 2011Altostratus
Firepass and Active directory session vars
Hi
I currently have a prospective client doing a competitive POC involving Firepass.
We are using Active Directory for authentication, and the client would like to assign static IP addresses via the msRADIUSFramedIPAddress active directory attribute.
Currently using the variable as defined in logging gives us a signed BCD (e.g -1407320190) instead of a dotted quad.
Obviously the network access isn't happy with that when I use that session variable value.
So either:
1) There is a shortcut where we can get the value in the correct format from the AD controller
or
2) I need to create an advanced session var, and figure out a script to convert -1407320190 to 192.168.foo.bar.
SO
If anyone has solved this before, some advice would be appreciated...
Thanks
Jan
- Mike_61719CirrusI don't have this problem, what table are you using on your radius DB? The attribute is number 8 for framed IP's.
- janholtzAltostratusHi Mike
OPTIONEXPLICITConst E_ADS_PROPERTY_NOT_FOUND = &h8000500DDIM objUser,msRADIUSFramedIPAddress'<<<< Bind to the user object using the distinguished name >>>>set objUser = GetObject("LDAP://cn=user1,cn=users,dc=wisesoft,dc=org,dc=uk")ONERRORRESUMENEXT msRADIUSFramedIPAddress= objUser.get("msRADIUSFramedIPAddress")IF Err.Number = E_ADS_PROPERTY_NOT_FOUND then wscript.echo "Static IP Address Not Assigned" err.clearelse wscript.echo IntegerToIPAddress(msRADIUSFramedIPAddress)EndIf' Function to convert Integer value to IP Address.Function IntegerToIPAddress(intIP)Const FourthOctet = 1Const ThirdOctet = 256Const SecondOctet = 65536Const FirstOctet = 16777216dim strIP,intFirstRemainder,intSecondRemainder,intThirdRemainderIfsgn(intIP) = -1 Then strIP = (256 + (int(intIP/FirstOctet))) & "." intFirstRemainder = intIP mod FirstOctet strIP = strIP & (256 + (int(intFirstRemainder/SecondOctet))) & "." intSecondRemainder = intFirstRemainder mod SecondOctet strIP = strIP & (256 + (int(intSecondRemainder/ThirdOctet))) & "." intThirdRemainder = intSecondRemainder mod ThirdOctet strIP = strIP & (256 + (int(intThirdRemainder/FourthOctet)))Else strIP = int(intIP/FirstOctet) & "." intFirstRemainder = intIP mod FirstOctet strIP = strIP & int(intFirstRemainder/SecondOctet) & "." intSecondRemainder = intFirstRemainder mod SecondOctet strIP = strIP & int(intSecondRemainder/ThirdOctet) & "." intThirdRemainder = intSecondRemainder mod ThirdOctet strIP = strIP & int(intThirdRemainder/FourthOctet)EndIf IntegerToIPAddress = strIPendfunction -------------------------------------------------------------------------------------------- So how do I do this on firepass??? Jan
- Mike_61719CirrusWell, all I can say is that the Firepass takes it as a literal value. The only thing I could recommend is to use a Radius server or run a script to convert them and add it into another attribute with just the values needed.
- janholtzAltostratusHi Mike
- Mike_61719CirrusPosted By janholtz on 05/09/2011 12:59 AM
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects