LDAP Authentication: filter problem

Alan DeKok aland at deployingradius.com
Sat Dec 1 16:12:30 CET 2007

Carlos Parada wrote:
> filter = "(&(uid=%{User-Name})(radiusServiceInfo=%{Service-Info}))
> The problem is that when Service-Info doesn't come in the Radius 
> packet (because is not mandatory for me), it doesn't work,

  See doc/variables.txt for how to deal with attributes that don't
exist, and conditional expansion.  See the FAQ for "it doesn't work".

> and I
> see on LDAP the following
> filter="(&(uid=test1)(?=undefined))"
> If Service-Info not present, I would expect something like
> filter="(&(uid=test1)(radiusSeviceInfo=))"

  It looks like your LDAP server doesn't understand the
"radiusServiceInfo" field.

  Alan DeKok.

More information about the Freeradius-Users mailing list