Referencing LDAP attributes in post-auth
Adam Track
adamtrack at rocketmail.com
Mon Dec 19 20:28:04 CET 2011
> why call LDAP in the outerid for EAP- surely call it in the inner-tunnel instead
> (and put some protection around it so that its only called when needed - right
> now, if you look, you'll see your LDAP whacked all over the place during requests
> coming through - at least 3x more queries to the LDAP than you need.)
Well, thanks so much Alan, putting all of this into the inner-tunnel authorization block finally allows me to get the value in post-auth block (of the inner-tunnel). The reason why I put this into the outer tunnel was because I'm calling LDAP for authorization only so I didn't think it should mix with the authentication done in the inner tunnel, where EAP comes into play.. guess I was wrong.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111219/29ba16cd/attachment.html>
More information about the Freeradius-Users
mailing list