checkitem problem
Norbert Wegener
norbert.wegener at siemens.com
Fri Aug 31 16:36:48 CEST 2007
I get an attribute/value from ad via freeradius and want this as a
checkitem in another module.
Therefore I added
checkItem User-Password primaryGroupID :=
to ldap.attrmap
and have the following users:
DEFAULT User-Password == "wrong”
Service-Type = Framed-User,
Tunnel-Type:1 = VLAN,
Tunnel-Medium-Type:1 = IEEE-802,
Tunnel-Private-Group-ID = VL-SBS-AD02-0001,
DEFAULT User-Password == "515”
Service-Type = Framed-User,
Tunnel-Type:1 = VLAN,
Tunnel-Medium-Type:1 = IEEE-802,
Tunnel-Private-Group-ID = VL-SBS-AD02-0002,
radiusd -AX says:
...
rlm_ldap: looking for check items in directory...^M
rlm_ldap: Adding primaryGroupID as User-Password == "515"^M
The 515 is form AD and for me its seems to be what I expect.
rlm_ldap: looking for reply items in directory...^M
rlm_ldap: user host/28tef004.ww006.mycompany.net authorized to use
remote access^M
rlm_ldap: ldap_release_conn: Release Id: 0^M
modcall[authorize]: module "ldap" returns ok for request 11^M
users: Matched entry DEFAULT at line 2^M
Now I would assume, User-Password == "515" is added to the list of
checkitems.
Nevertheless the first DEFAULT Entry of the users file is taken.
What am I missing?
The complete typescript is at
http://www.wegener-net.de/freeradius/typescript
Thanks
Norbert Wegener
More information about the Freeradius-Users
mailing list