Help returning multiple values for attrbute (rlm_ldap)
Owen DeLong
owen at delong.com
Thu Oct 12 21:16:40 CEST 2006
On Oct 12, 2006, at 11:39 AM, Kostas Kalevras wrote:
> Owen DeLong wrote:
>
>> OK... The suggestion I got here last night allowed me to get
>> basic auth working
>> as desired, however, I have another problem.
>>
>> I need to return in the reply a series of values for a given
>> attribute, such as:
>>
>> dn: uid=foo,ou=people,dc=zone,dc=example,dc=com
>> uid: foo
>> Attribute: first_value
>> Attribute: second_value
>> Attribute: third_value
>>
>> I have LDAP Attribute mapped to Radius-Attribute in the ldap.attrmap.
>>
>> However, when I query the server, I get back:
>>
>> Radius-Attribute: first-value
>>
>> And the second and third values are not returned.
>>
>> Is there a way to make this work?
>
>
> Either you put the += operator in the ldap attribute values:
>
> Attribute: += first_value
> Attribute: += second_value
>
In this case that's not an option because RADIUS is not the only
consumer of
Attribute and the other consumer(s) would be very confused by +=
> or you edit ldap.attrmap to not use the = operator for that
> attribute but the += operator instead.
>
Sorry to be so ignorant, but, my ldap.attrmap doesn't contain
operators and when I put them
in, it seems to try and interpret them as attribute names instead of
as operators.
So, for example:
replyItem Radius-Attribute Attribute
when changed to:
replyItem Radius-Attribute += Attribute
seems to get parsed the same as
replyItem Radius-Attribute +=
replyItem Radius-Attribute Attribute
This is freeradius 1.1.3 in case that matters.
Thanks,
Owen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20061012/b0a6843c/attachment.pgp>
More information about the Freeradius-Users
mailing list