Re: IAS-proxy and adding attributes part 2
From: Manjunath Bharadwaj [MSFT] (mbhara_at_online.microsoft.com)
Date: 03/21/05
- Next message: James McIllece [MS]: "Re: Etablishing a enterprise solution for guest and employee access"
- Previous message: anonymous_at_discussions.microsoft.com: "IAS-proxy and adding attributes part 2"
- In reply to: anonymous_at_discussions.microsoft.com: "IAS-proxy and adding attributes part 2"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 21 Mar 2005 08:40:06 -0800
Mika,
The custom dll has to export some functions. There is a list of functions
you need to export here:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ias/ias/internet_authentication_service_functions.asp
You can write your dll in any language you choose, but I expect C/C++ to
be the easiest. I have not looked at the code (company policy) but there are
some sample dlls on sourceforge that can give you a starting point.
There is a second method that is non extensible and unsupported by
Microsoft: you can modify the dnary.mdb to enable this attribute to be
modified and sent from your proxy to the backend RADIUS server. Look at the
thread a few weeks ago called "Locking down IAS and NAS". You should edit
the dnary.mdb and check the columb called "IsAllowedInProxyProfile" for
NAS-IP-Address. You should then see "Nas-IP-Address" in your proxy
attributes and you can modify that.
Obviously this is not the preferred way to do it since you can end up
corrupting your IAS configuration.
Hope it helps.
Thanks, Manju
-- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ http://www.microsoft.com/technet/community/chats/default.mspx Customer chat event: Setting up Secure Infrastructure for Wireless Network (March 29, 2005, 1:00 - 2:00 P.M. Pacific Time) Setting up a secure infrastructure for wireless network can be complex and challenging. Bring your questions and comments to the table and interact with experts from the Internet Authentication Service team to get them answered. Find out how you can use IAS as the RADIUS server to set up an 802.1x network and how you can set up underlying systems like Certification Authority service, Active Directory and Group Policy. +++++++++++++++++++++++++++++++++++++++++++++++ This posting is provided "AS IS" with no warranties, and confers no rights
- Next message: James McIllece [MS]: "Re: Etablishing a enterprise solution for guest and employee access"
- Previous message: anonymous_at_discussions.microsoft.com: "IAS-proxy and adding attributes part 2"
- In reply to: anonymous_at_discussions.microsoft.com: "IAS-proxy and adding attributes part 2"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
