EAP-TNC SoH Health Attributes

Mon Nov 28 11:57:14 PST 2011

Hi,

I have been able to make SoH "working" with FreeRADIUS (not NAP), 
however I found out there are not a lot of attributes populated (see 
RADIUS debug below) :

...
+- entering group authorize {...}
rlm_perl: Added pair NAS-Port-Type = Wireless-802.11
rlm_perl: Added pair SoH-Supported = yes
rlm_perl: Added pair SoH-MS-Machine-Processor = x86
rlm_perl: Added pair Service-Type = Login-User
rlm_perl: Added pair Called-Station-Id = 000B86600190
rlm_perl: Added pair SoH-MS-Machine-Name = wpa_supplicant at w1.fi
rlm_perl: Added pair Aruba-Attr-10 = 0x696e7665727365
rlm_perl: Added pair FreeRADIUS-Proxied-To = 127.0.0.1
rlm_perl: Added pair SoH-MS-Machine-OS-version = 0
rlm_perl: Added pair SoH-MS-Machine-OS-build = 0
rlm_perl: Added pair SoH-MS-Machine-Role = client
rlm_perl: Added pair NAS-IP-Address = 10.0.0.10
rlm_perl: Added pair SoH-MS-Machine-SP-release = 0
rlm_perl: Added pair SoH-MS-Correlation-Id = 
0x36edcce3bc319c117f9e14a2dbaed98b88e42776e5777c2d
rlm_perl: Added pair Aruba-Essid-Name = Devel-Secure
rlm_perl: Added pair Calling-Station-Id = 001BB18B8213
rlm_perl: Added pair SoH-MS-Machine-OS-release = 0
rlm_perl: Added pair Aruba-Location-Id = 00:0b:86:ce:e0:48
rlm_perl: Added pair SoH-MS-Machine-OS-vendor = Microsoft
rlm_perl: Added pair User-Name = fgaudreault
rlm_perl: Added pair NAS-Identifier = 10.0.0.10
rlm_perl: Added pair SoH-MS-Machine-SP-version = 0
rlm_perl: Added pair NAS-Port = 1
rlm_perl: Added pair Framed-MTU = 1100
++[soh] returns fail
...

Now, am I missing something to have the MS-Windows-Health-Status 
attributes populated (ie: SoH-MS-Windows-Health-Status = "antivirus 
error not-installed") ?  Also, Is there a way to write our own plugins 
in order to populate our own attributes?

Thanks!

-- 
Francois Gaudreault, ing. jr
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20111128/af2726b2/attachment.htm 