[LDAP] access to attribut with unlang

Alan DeKok aland at deployingradius.com
Wed Jan 6 17:42:43 CET 2016


On Jan 6, 2016, at 11:38 AM, vince technical address <vince.technicaladdress at gmail.com> wrote:\
> I currently use the rlm_ldap module to retrieve an entry corresponding
> to a filter
> defined in the authorize section. After (but always in section authorize) I
> would use the value of an LDAP attribute recovered with unlang.
> 
> Is it possible ?

  Yes.  In v2, see raddb/ldap.attrmap.

  And look on http://wiki.freeradius.org/  This is documented.

> Example :
> 
> authorize {
>   ldap
>   if(attribute == "qwerty") {
>      reject
>   }
> }
> 
> With "attribute"is the value of the attribute has been recovered with
> module ldap. (it is an idea to overcome the fact that xlat ldap does not
> enable failover).

  Version 3 allows for fail-over in xlat.  Upgrade.

  Alan DeKok.




More information about the Freeradius-Users mailing list