New checkItem from LDAP
Joe H
jharlan at gwi.net
Wed Aug 31 16:30:55 CEST 2005
> Joe H <jharlan at gwi.net> wrote:
>> lines. lines 2 and 11 are other DEFAULT entries in the users file with
>> fall-through set to yes. It skips right over the SNS-Enable checkItem.
>
> Ah. The "users" file isn't set up to do comparisons on check items.
>
> So I don't think it will work.
>
> Alan DeKok.
>
That's basically the conclusion I came to, which is why I asked.
Is there a way to add another attribute to the ldap module in the
radiusd.conf. Something similar to the groupname_attribute?
I've found that adding a fake second module to this file and setting
groupname_attribute = radiusSNSEnable works if I do something like the
following in the users file:
DEFAULT sns-test-Ldap-Group != "1"
USR-Framed_IP_Address_Pool_Name = "BLACKHOLE1",
Idle-Timeout := "120",
Fall-Through = Yes
where sns-test is my module name. This way works but I think it's messy
since I'm creating a module for just one attribute to be called. Plus if
I ever need to add new attributes, that's a lot of modules.
Thanks.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list