Freeradius 3 & LDAP Generic Attributes
Nicholas Lemberger
nick.lemberger at lkfd.net
Fri Apr 12 21:00:37 CEST 2013
The ldap.attrmap syntax in FR2 was:
checkItem $GENERIC$ radiusCheckItem
replyItem $GENERIC$ radiusReplyItem
Basically the ldap attributes radiusCheckItem & radiusReplyItem
contained FR attr/value pairs which were then added to the
corresponding attribute list in FR (e.g. in LDAP radiusReplyItem could
be "Primary-DNS-Server := 1.1.1.1").
They wouldn't necessarily need to be distinct check/reply attributes
in the new rlm_ldap... it could work more like unlang where an LDAP
attribute value could be "control:Disabled := true", and where if the
list: portion is omitted it would default to reply. No matter how
this happens, there's probably going to need to be a special case
syntax made in the rlm_ldap attribute mapping...
Best Regards,
-Nick
More information about the Freeradius-Users
mailing list