Getting LDAP reply parameters
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Mon Nov 18 22:39:06 CET 2019
> (0) ldap - EXPAND .
> (0) ldap - --> .
> (0) ldap - EXPAND Authenticated at %S
> (0) ldap - --> Authenticated at 2019-11-18 15:28:14
> (0) ldap - Reserved connection (0)
> (0) ldap - Performing search in "dc=viasat,dc=com" with filter "(cn=1,6,00:a0:bc:6c:7d:00)", scope "sub"
> (0) ldap - Waiting for search result...
> (0) ldap - User object found at DN "cn=1\,6\,00:A0:BC:6C:7D:00,dc=viasat,dc=com"
> (0) ldap - Modifying object with DN "cn=1\,6\,00:A0:BC:6C:7D:00,dc=viasat,dc=com"
> (0) ldap - Waiting for modify result...
> (0) ldap - Released connection (0)
> (0) ldap (ok)
> (0) EXPAND %{reply:Reply-Message}
> (0) --> (null)
> (0) EXPAND %{reply:DHCP-Vendor}
> (0) --> (null)
> ...
>
> I could not get the "dn" attribute into "reply:Reply-Message".
Yeah, you're calling the Post-Auth method of the LDAP module apparently, it's not going to return attributes for you...
A lot of this will be fixed before v4.0.x is released. We've added arbitrary module methods so we can map DHCP sections
onto LDAP or IP allocation module methods, it's just the mappings aren't there yet :)
Try calling ldap with `ldap.authorize`, that should do what you want.
-Arran
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
More information about the Freeradius-Users
mailing list