ldap.attrmap question

Alan DeKok aland at nitros9.org
Thu Apr 6 06:16:58 CEST 2006


liz <liz at unixgrrl.net> wrote:
> I have  a simple question about the ldap.attrmap file.  I have placed  
> the following two lines into my ldap.attrmap.file.
...
> checkItem	Group-Name		 	Description
> replyItem	Group-Name			Description

  You are trying to re-define attributes that have existing
definitions in the server.  Don't do that.  Create a new attribute,
instead.

> What I am trying  
> to do is obtain information from an attribute in the LDAP server and  
> then pass it to the NAS we are using. 

  In which case you have to pick an attribute the NAS understands.
Group-Name is not an attribute any NAS understands.

> a) Is this approriate use of the ldap.attrmap file

  No.

> b) Is there any easier way to do this.

  It depends on what you want to do.

> c) What should I see when it  succefsully sends an attribute to the NAS.

  You should see the attribute in the reply, in debugging mode.

  Alan DeKok.



More information about the Freeradius-Users mailing list