11 May
2009
11 May
'09
4:48 a.m.
In my "users" file I preform an Ldap-Group lookup and allocate vlan based on this. i.e. DEFAULT Ldap-Group != "cn=DisabledRadiusUsers,ou=roles,ou=services,o=abc"
The issue I am having is if a user has an Outer Identity set, the Ldap-Group lookup is performed against this username not the Inner Identity username. Is there any way of ensuring that the lookup is performed against the "real" inner identity not the "fake" outer identity?
Ldap-Group doesn't work with !=, only ==. Don't list ldap in default but in inner-tunnel virtual server. Activate use_tunneled_reply in peap (it is peap? if it's ttls, than do it in ttls section) section of eap.conf Ivan Kalik Kalik Informatika ISP