Need some help with Access-Reject messages in upgrade from FreeRadius1.1.0 to FreeRadius 2.0.5
Alan DeKok
aland at deployingradius.com
Fri Oct 24 15:42:56 CEST 2008
Adam Bultman wrote:
> I decided it would be easier (in the long run) to simply start with a
> default freeRadius 2.0.5 config file, and then adjust it to match our
> setup. This has so far been going well, except now I've run into a
> problem where variables in my users file are not being expanded.
I suggest using 2.1.1, or the "stable" tree. See git.freeradius.org.
> Example from the user's file:
> DEFAULT Huntgroup-Name == dsl, serveriron-Ldap-Group == dsl10m,
> User-Profile := "uid=dsl10m,ou
> =profiles,ou=radius,dc=mtaonline,dc=net", Ldap-UserDN :=
> `uid=%{User-Name},ou=dsl,dc=domain
> ,dc=com`
> Fall-Through = no
This won't work because the "users" file doesn't dynamically expand
everything. I suggest using "unlang":
if ((Huntgroup-Nmae == "dsl") && (serveridon... == ...)) {
update control {
User-Profile := "uid=..."
LDAP-UserDN := "uid=%{User-Name},ou=..."
}
}
That will cause the %{User-Name} to be expanded properly.
Alan DeKok.
More information about the Freeradius-Users
mailing list