ldap attribute update

Anirudh Malhotra 8zero2ops at gmail.com
Wed Mar 30 17:47:06 CEST 2016 

Hi

Thanks for your prompt reply

couple of questions,
when using eap inner tunned would be used right?
so ldap module when called and some control attributes are updated these
are going to updated in the inner control or the outer control(or there is
no such thing) and attributes are copied?

Also the unlang which i ran was in post auth so that is the end of the
request and ldap is parsed above it, so could that be a problem which u
suggested in your previous reply.

Secondly could the data type of ldap attribute(integer or string) affect
the unlang would treat the attribute?



BR,
Anirudh Malhotra
Mail: 8zero2.in at gmail.com
Facebook: www.facebook.com/8zero2
Twitter: @8zero2_in
Blog: blog.8zero2.in

On Wed, Mar 30, 2016 at 9:02 PM, Alan DeKok <aland at deployingradius.com>
wrote:

> On Mar 30, 2016, at 11:27 AM, Anirudh Malhotra <8zero2ops at gmail.com>
> wrote:
> > I am trying to map an attribute from ldap to freeradius control
> > did this
> > update {
> > control:wifi           := 'wifi'
> > }
> >
> > getting this when parsing ldap
> > (446) ldap: Processing user attributes
> > (446) ldap: control:wifi := '5'
>
>   That's good.
>
> > created this wifi attribute in dictionary as well
>
>   That's good.
>
> > and when I am trying to use this in post auth in default but that is
> giving
> > me an error
> >
> > (80) elsif ((control:wifi == "1") || (control:wifi == "5")) {
> > (80)     ERROR: Failed retrieving values required to evaluate condition
>
>   Read the debug output to see why.  ALL OF IT.
>
> > I am missing something, maybe something very elementary sorry for that :p
>
>   Yes.  You probably put the rules which create control:wifi AFTER the
> tools which look at it.
>
>   You can't look at it if it doesn't exist.
>
> > I am doing PEAP-GTC using LDAP by the way, so I though may be ldap is
> > getting pasrsed inside inner-tunnel
>
>   Your entire approach is wrong.  There is no "may be".  The server
> doesn't work randomly.
>
>   The answer to your question is in the debug output.  READ IT.
>
> > but still the same problem, please help
>
>   Read the debug output.
>
>   I still don't know why people try to solve problems without looking at
> the debug output.  The answers are there.  If you're ignoring the debug
> output, you're wasting everyones time.
>
>   Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list