using different filter for ldap modul by NAS

Richard Kuchar r.kuchar at pod.cvut.cz
Wed Mar 21 22:24:47 CET 2012


Hi,

i need tu use different query to ldap (filter) by NAS from witch query come.

I add this to site-enabled/default under authorize section :

        ...
        switch "%{NAS-IP-Address}" {
            case 10.0.16.3 {
                # test
                update control {
                    CU-LDAP-Filter = (uid=%u@%u)
                }
            }
            case {
                # default
                update control {
                    CU-LDAP-Filter =
"\(\&\(cn=%u\)\(radiusCallingStationId=%i\)\)"
                }
            }
        }

        ldap
        ...

and this to modules/ldap:

        ...
        filter = "%{control:CU-LDAP-Filter}"
        ...

So far so good. filter query is changed by NAS. By in debug it di this:

        [ldap]  expand: %{control:CU-LDAP-Filter} -> \28uid\3d%u@%u\29

So it change some characters. I try escape it, by it doesn't work.
What I do wrong.

Best Regards!

Richard Kuchar


More information about the Freeradius-Users mailing list