redundant LDAP-Group
Josip Rodin
joy at entuzijast.net
Thu Dec 2 13:43:02 CET 2010
On Thu, Dec 02, 2010 at 11:54:28AM +0000, Alexander Clouter wrote:
> DEFAULT NAS-Identifier == switch, Huntgroup-Name == allied-telesis, ldap_login1-LDAP-Group == it-switch-admin
> DEFAULT NAS-Identifier == switch, Huntgroup-Name == allied-telesis, ldap_login2-LDAP-Group == it-switch-admin
>
> instantiate {
> ldap_login1
> ldap_login2
This sounds like you're comparing attributes called "ldap_login1-LDAP-Group"
and "ldap_login2-LDAP-Group". Presumably these are generated with those
distinct names, by your two LDAP module instances.
How do the definitions of those two look like?
IOW have you tried using a common LDAP attribute map in both?
--
2. That which causes joy or happiness.
More information about the Freeradius-Users
mailing list