Set reply attributes based on LDAP attribute
Alan DeKok
aland at deployingradius.com
Mon Dec 5 08:23:37 CET 2011
aidanr wrote:
> I am trying to configure freeradius 2.1.12 to set the
> 'Tunnel-Private-Group-Id' attribute based on a value retrieved from LDAP.
That should be easy.
> I have pulled the variable form LDAP and am storing it as a local Radius
> variable called 'Person-OrgUnit'. In the users file I am trying to check
> it's value and set other attributes based on its value.
That's not really easy. The "users" file does comparisons on request
attributes or configuration attributes.
You probably want to use unlang. It's much simpler, and you can
directly address the attributes you need.
> I have looked at using rlm_checkval but I am seeing
> 'rlm_checkval: Could not find item named Person-OrgUnit in request'
> in the logs. I do not think this module is designed to do what I want.
Exactly. It's also why the "users" file doesn't work.
Alan DeKok.
More information about the Freeradius-Users
mailing list