LDAP check attributes
Antonio Matera
antonio.matera at create-net.it
Wed May 17 10:06:35 CEST 2006
Hi,
thanks a lot for your answer.
Your solution works fine but I don't understand some things:
1 - If I insert the Cisco-AVPair in the filter and I haven't this
attribute in my ldap user, I can't authenticate it. Is it possible to
check the ssid only if it is in the list of the ldap user attributes?
2 - With this solution the following row in the ldap.attrmap is not
necessary:
checkItem Cisco-AVPair radiusCiscoAVPair
whitout it the filter authentication works.
It is not possible to use the ldap.attrmap file to inser a check item?
In this file I have inserted 3 replyItem:
replyItem Tunnel-Medium-Type radiusTunnelMediumType
replyItem Tunnel-Private-Group-Id radiusTunnelPrivateGroupId
replyItem Tunnel-Type radiusTunnelType
if I insert these three attribute in my ldap user they work without
other configuration. Why the checkItem doesn't work?
3 - the last question is a little different: if I insert in the user
file this row:
DEFAULT Auth-Type := LDAP
the authentication doesn't work. It is normal or I have some mistakes in
my configuration?
Thanks a lot
Bye Antonio
on 17/05/2006 9.02 ludovic cailleau said the following:
> Hi
>
> fillter =
> "(&(uid=%{Stripped-User-Name:-%{User-Name}})(radiusCiscoAVpair=%{Cisco-AVPair}))"
>
> regards
>
More information about the Freeradius-Users
mailing list