rlm_checkval module
Yeargan, Yancey
yancey at unt.edu
Thu May 29 23:45:21 CEST 2008
> Please try explaining the requirements, not why your chosen
> solution doesn't work.
I did explain the requirements in the message. I meant to be
very clear that I had researched the issue and was not asking
for a solution without first doing my homework. I tried to find a
solution, but the documentation is not very thorough.
>> I added this to the ldap.attrmap file:
>> checkItem NAS-IP-Address host
> Don't. Just don't. NAS-IP-Address is sent by the NAS
> in a RADIUS packet.
Yes, I know that NAS-IP-Address is sent by the NAS
in a RADIUS packet. From the documentation, I
understood that ldap.attrmap allows one to
1) Include values from the database
in the RADIUS reply [replyItem].
or
2) Compare values from the RADIUS request
to values in the database [checkItem].
Is that not correct? If not, then what is the purpose
of the checkvar module?
The LDAP query solution does work, even though it seems quite
a mess in the configuration files. Thanks for that solution.
Yancey
More information about the Freeradius-Users
mailing list