ldap.attrmap problem

Alan DeKok aland at ox.org
Thu Jun 2 23:47:03 CEST 2005


"pieter.hotting" <pieter.hotting at hetnet.nl> wrote:
> When I look at a datascope to the interaction between FreeRadius and eDirectory I see correctly the response rADIUSDialAccessGroup --> cn=E_VPN_Clients_1,ou=RmtAcc,ou=SERVICES,o=AN. However if I look at the output of radius I see:
>          rlm_ldap: looking for reply items in directory...
>          rlm_ldap: Adding rADIUSDialAccessGroup as CVPN-3k-Groups, value cn & op=11
> 
> This tells me that for some reason the response is stripped at the '=' sign.
> 
> Can anyone point me in the right direction what I'm doing wrong?

  The LDAP module looks in the contents of the returned data to
determine the operator.  You can force it to use a particular operator
by adding an extra field to ldap.attrmap:

replyItem       CVPN-3k-Groups                  rADIUSDialAccessGroup +=

  This only works in the CVS snapshot, though.

  Alan DeKok.





More information about the Freeradius-Users mailing list