freeradius 2.1.7-7.el5 - How to get vendor specific attributes from LDAP

[Jakub Pech]

Dne 25.11.11 10:34, Alan DeKok napsal(a):
> Jakub Pech wrote:
>> >  First I undrestanded that the radius check are items that radius checks
>> >  in LDAP. But since I havent found any documentation to ldap.attrmap file
>    Nonsense.  The file contains comments which describe what it does.
> The doc/rlm_ldap file contains additional documentation.
I red mentioned comments/documents MANY times and I didn't noticed 
anything that will describe de difference between check/reply item.
>
>> >  (i found only that it may be included in man users, but it isn't in
>> >  freeradius2) I tried both: radiuscheck / radiusreply / radiuscheck and
>> >  radius reply together. Nothing worked for me. That Is the reason why I'm
>> >  almost sure that this isn't the cause of my problem.
>    You're trying random things because you don't understand how it works.
Yes You are right. And because of it I'm reading the documentations, 
wiki, descriptions, I'm googling etc. Just normal things when I'm 
setting up something I haven't set up before. But I didn't find the 
solution on almost week of working so I'm asking.
>
>    Even worse, you don't understand how RADIUS and LDAP works.  Asking if
> FreeRADIUS reads the LDAP schema is*very*  wrong.  FreeRADIUS isn't an
> LDAP server.
>
>> >  Is there anything else then ldap.attrmap that should be set up for
>> >  sending vendor specific attributes from LDAP?
>    The schema.  Define an LDAP attribute which contains the information
> for the VSA.  Map that attribute to RADIUS in ldap.attrmap.  It should
> take all of 15 minutes.
Ok, you didn't catch my question. Is there anything else then 
ldap.attrmap and /modules/ldap that should be set up on freeradius 
server? Of course I have LDAP schema updated on LDAP server.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111125/eb1ffd4e/attachment.html>