Re: FR 3.0.13, reply of attributes missing

J├╝rgen Northe jn at northe-online.de
Sat Mar 2 22:35:12 CET 2019


I managed it to define and assign the wanted LDAP attributes in the reply messages by defining them in the LDAP module. 
I am quite finished now but have one question left: 
All types of my VLAN settings are kept in profiles.
In the settings of a device is a  "radiusProfileDN" attribute pointing to the profile like 
cn=PRINTER,ou=VLAN,ou=profiles,ou=radius,dc=compend,dc=com where i.e. radiusTunnelPrivateGroupID and others are defined.
Right now, the server is not going to resolve the radiusProfileDN.
Do I have to define here also a matching pair of radius and LDAP attribute which is in module ldap group section treated with filter definitions?

I put the 4 lines of ldap module of group handling, because the server is not diving in. this section at all.

filter = '(objectClass=radiusprofile)'
name_attribute = cn
membership_attribute = 'radiusProfileDN'
membership_filter = "(|(member=%{control:Ldap-UserDn})(memberUid=%{%{Stripped-User-Name}:-%{User-Name}}))"

Thanks in advance.
juergen




More information about the Freeradius-Users mailing list