Ldap-Group DN and the match "=~" check
Thibault Le Meur
Thibault.LeMeur at supelec.fr
Mon Jul 17 19:05:59 CEST 2006
> > Maybe... but is ldap xlat yet available in the "users" file ? As
> > stated in doc/rlm_ldap I thought it was only "hopefully shortly"
> > available ?
>
> The issue is more that the LDAP module ignores the
> operator, and does a simple string compare. The server core
> needs to expose an API that does the operator-specific
> compare. It's probably not too hard...
>
> Alan DeKok.
This means either translating a regexp filter to an Ldap filter, or getting
the whole set of groups the user belongs to and then do the regexp compare.
I'll have a look at the code when I have time (argh... I hate these last 4
words).
Thanks,
Thibault
More information about the Freeradius-Users
mailing list