ldap stuff (v 2.1.1)

Kenneth Grady klg at lanl.gov
Tue Mar 10 21:32:09 CET 2009


I've read that,  I just can't seem to make it work, I'm missing
something, but can't figure it out.
instantiate {
        ldap NIE {
               server = "ldap"
               basedn = "dc=lanl,dc=gov"
               filter = "(&(departmentNumber=NIE-2)(uid=%{User-Name}))"
               ...
        }
        #  Allows the execution of external scripts.
        #  The entire command line (and output) must fit into 253 bytes.
        #
        #  e.g. Framed-Pool = `%{exec:/bin/echo foo}`
        exec

and in radiusd -X
...
radiusd: #### Instantiating modules ####
 instantiate {
 Module: Linked to module rlm_exec
 Module: Instantiating exec
...
/etc/raddb/users[83]: Parse error (check) for entry DEFAULT: Unknown
vendor name in attribute name "NIE-ldap-Group"
Errors reading /etc/raddb/users

but
instantiate {
    ldap
    ldap NIE {...
    ...
    exec
then in radiusd -X
radiusd: #### Instantiating modules ####
 instantiate {
 Module: Linked to module rlm_ldap
 Module: Instantiating ldap
  ldap {
    ...
  }
rlm_ldap: Registering ldap_groupcmp for Ldap-Group
...
/etc/raddb/users[83]: Parse error (check) for entry DEFAULT: Unknown
vendor name in attribute name "NIE-ldap-Group"


tnt at kalik.net wrote:
>> I would like to have an ldap group that is another instance of ldap
>> (selected by departmentNumber), but I don't see how to add it into the
>> configuration (users file).
>>     
>
> This is documented:
>
> http://wiki.freeradius.org/Rlm_ldap#Group_Support
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>   



More information about the Freeradius-Users mailing list