Menu
▾
▴
Re: [Netdisco] 802.1x/Phones/etc
|
From: Alan B. <A.L...@lb...> - 2010-08-19 11:14:37
|
Hi, > 1. Has anybody done any work integrating data from 802.1x logins into > Netdisco's Node database? I'd love to be able to search based on username > to find a switchport. I can already stuff the data into a database from > RADIUS, or is there a way to find this out via SNMP? if you are using eg FreeRADIUS or RADIATOR then it should be possible (fairly easy, not trivial) to put the username details into a new table in netdisco - the RADIUS server will know the switch address and port (its in the AAA requests) - so just do an SQL call in the post-auth section (FreeRADIUS) or after auth in RADIATOR. however, we have an issue with RADIUS assigned VLANs in NetDISCO in that we dont have an 'access vlan' defined for the PC - its derived from the server after authentication so netdisco shows the port belongs to all VLANs :-( > 2. NetBIOS username lookups only seem to work when people are remote > desktopped into a machine. Is there a way to make this work? Or would it > be easier to make that query via WMI? ? it should show it when they are logged in - but its sort of based on the historically windows way - WINS servers - which are all but dying/dead with win vista/7 > 3. Is there a way to find phone extentions out of Cisco handsets or Call > Manager to be added to searches/reports? you can put that info into the phones LLDP. turn LLDP on on the handset and the switch (its the IEEE version of CDP) - then you can pick up the extension as part of LLDP info - but not sure if netdisco handles LLDP on cisco - yet! > 4. The root discovery process tries to query every phone via SNMP. I added > our phone subnets to discover_no, but then the PC behind the phone isn't > added to the database. Is this a bug, or is there a way to make it work? do you have voice vlan and access vlan? or all just on a trunk? or all just on a vlan? PCs get added to the system via MAC address table entries and then ARP info to get IPs, the PC isnt SNMP'd > 5. Is there any work being done/patches released for the Cisco wireless > LAN controller replicating the data available from autonomous access > points? ;-) we have a similar issue since migration from autonomous several years ago. the WISM devices can be SNMP walked etc...the APs themselves are pretty dumb (though you can turn on remote telnet/ssh if you really wanted (warning, only do it for bug tracking/debugging!). it'd be nice to get some functionality back...but not too essential (for us - as we have WCS feeding us info - as we wrote some home-grown scripts to do tracking of MAC/IP across such devices) alan |
