rbt-exec for Riverbed Steelhead WAN Optimizers

114 views
Skip to first unread message

Klint Kasselman

unread,
Jan 29, 2014, 5:35:54 PM1/29/14
to event-driv...@googlegroups.com

Hello,

Great product but I have ran into a small issue I hope someone can help me with.

In my old Cisco ACS 4.1 I had the option to set the rbt-exec unknown and give it a custom attribute. I provided a screen shot of the example.
Riverbed uses this option for Authorization purposes. So for example I could set it to "monitor" instead "admin".

--Debug output when trying to login to WAN Optimizer--

Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: Start authorization request
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: cfg_get: checking user/group myusername, tag (NULL)
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: cfg_get: checking user/group admin, tag (NULL)
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: cfg_get: checking user/group myusername, tag (NULL)
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: cfg_get: checking user/group admin, tag (NULL)
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: user 'myusername' found
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: cfg_get: checking user/group myusername, tag (NULL)
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: myuse...@192.168.1.10: not found: svcname=rbt-exec@all protocol=unknown
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: myuse...@192.168.1.10: not found: svcname=rbt-exec protocol=unknown
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: cfg_get: checking user/group admin, tag (NULL)
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: myuse...@192.168.1.10: not found: svcname=rbt-exec@all protocol=unknown
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: myuse...@192.168.1.10: not found: svcname=rbt-exec protocol=unknown
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: nas:service=rbt-exec (passed thru)
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: nas:protocol=unknown (passed thru)
Jan 29 16:29:04 myserver tac_plus[3732]: 1/00000000: Writing AUTHOR/PASS_ADD size=18


I couldn't find anything in the documentation but I tried this configuration because it made sense to me. However, it doesn't like "local-user-name".

service = rbt-exec {
         local-user-name = admin
}


output of "tac_plus -P tac_plus.cfg"

tac_plus.cfg:103: 'local-user-name' unexpected
3713: tac_plus.cfg:103: 'local-user-name' unexpected
3713: Detected fatal configuration error. Exiting.


Any thoughts or suggestions would be appreciated.

Thanks,
Klint



Custom Attribute.JPG

Marc Huber

unread,
Feb 2, 2014, 5:09:58 AM2/2/14
to event-driv...@googlegroups.com
Hi Klint,

try
service = rbt-exec {
         set local-user-name = admin
}

Cheers,

Marc

Klint Kasselman

unread,
Feb 3, 2014, 11:28:01 AM2/3/14
to event-driv...@googlegroups.com
Bingo! that did the trick. Thank you.
Reply all
Reply to author
Forward
0 new messages