Hi all,

I have a freeradius 2.1.3 running and I can successfully authenticate users.
I would like to use a users LDAP attribute so I can provide them with different permissions on the proxy server.
I have currently mapped a RADIUS attribute to the LDAP attribute and it successfully reads the attribute when a user is authenticating.

From radiusd -X:

rlm_ldap: description -> My-Local-LDAP-Comment = "STAFF"

So the user in question has STAFF as a comment in his ldap description attribute.

I have added the My-Local-LDAP-Comment into the raddb/dictionary file like this:

ATTRIBUTE       My-Local-LDAP-Comment   3000    string

and in the raddb/ldap.attrmap I have added:

replyItem       My-Local-LDAP-Comment           description


Now, what I am failing to understand is how I can get the proxy server to receive the My-Local-LDAP-Comment attribute from RADIUS,
so I can make rules depending on its contents?

Any suggestions on what to do, or which documentation to read would be appreciated.

Thanks,
Sigurd