Antw: Re: Attr-Rewrite and Users File

Alan DeKok aland at deployingradius.com
Fri Oct 2 20:33:54 CEST 2009


Anja Ruckdaeschel wrote:
> Now I did it with unlang in the authorize section before the files module....
> 
>  if (Acct-Session-Id) {
>         if (Acct-Session-Id =~  /^[^\(]+([\(])([^\)]+).+$/ ) {
>                
>                 update request {
>                 ldapgroups1-Ldap-Group := "cn=%{2},ou=vpn,ou=test,o=test,c=de"

  The "ldapgroups1-Ldap-Group" attribute can *only* do comparisons.
Assigning to it is not supported.

  And even if assigning to it was supported, the LDAP-Group attribute
checks group *names*.  It doesn't support LDAP queries like "cn=...,ou=..."

  Perhaps you could try to describe what you are trying to do.  Describe
it in terms of ideas, not pieces of configuration files.  The
configuration pieces you posted are wrong, and won't work.

  Alan DeKok.



More information about the Freeradius-Users mailing list