How to add VAP based on LDAP group membership

Stefan Winter stefan.winter at restena.lu
Fri Feb 19 13:58:10 CET 2016 

Hi,

> I still don't get it sorry :(

> ldap:///ou=hosts,dc=testdomain,dc=de?macAddress?sub?macAddress=%{Calling-Station-Id}}

There is no hostname in that string. Which server do you want to ask?
You should tell the server that tiny bit of information.

In most protocols, the hostname comes after the first two slashes, like in

ldap://hostname.example/...

The first hit for "ldap url" on DuckDuckGo brought to this page:

http://docs.oracle.com/javase/jndi/tutorial/ldap/misc/url.html

and I'm sure there are hundreds of pages on the net with that same
information.

Greetings,

Stefan Winter

> {
>          update reply {
>             Aruba-User-Vlan = "200"
>          }
> }
> 
> But the error message is the same. What do you mean with "all needs a
> hostname"? The "redundand_ldap" is configured as:
> 
>    redundant redundant_ldap {
>       ldap1
>       ldap2
>    }
> 
> 
> Best,
> Thomas
> 
> Am 19.02.2016 um 13:14 schrieb Alan DeKok:
>> On Feb 19, 2016, at 6:01 AM, Thomas Stather
>> <Thomas.Stather at mpimf-heidelberg.mpg.de> wrote:
>>> I tried this in "post-auth" section:
>>>
>>>
>>>        if
>>> ("%{redundant_ldap:///ou=hosts,dc=testdomain,dc=de?macAddress?sub}"
>>> == %{Calling-Station-Id}) {
>>    That isn't an LDAP URL.
>>> (12)       if
>>> ("%{redundant_ldap:///ou=hosts,dc=testdomain,dc=de?macAddress?sub}"
>>> == %{Calling-Station-Id}) {
>>> (12)       ERROR: String passed does not look like an LDAP URL
>>> (12)       ERROR: String passed does not look like an LDAP URL
>>    Yup.  The LDAP client code doesn't think it's an LDAP URL.
>>
>>> What am i doing wrong?
>>    You're not passing an LDAP URL to the LDAP query.  I would have
>> thought the message was pretty clear.
>>
>>    Read the LDAP documentation to see what an LDAP URL looks like.  A
>> simple google search for "ldap url" yields lots of documentation.
>>
>>    All of which says you need a hostname.
>>
>>    Alan DeKok.
>>
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
> 


-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20160219/a287fb31/attachment-0001.sig>

More information about the Freeradius-Users mailing list