LDAP Authentication: filter problem
Alan DeKok
aland at deployingradius.com
Sat Dec 1 16:12:30 CET 2007
Carlos Parada wrote:
...
> filter = "(&(uid=%{User-Name})(radiusServiceInfo=%{Service-Info}))
>
> The problem is that when Service-Info doesn't come in the Radius
> packet (because is not mandatory for me), it doesn't work,
See doc/variables.txt for how to deal with attributes that don't
exist, and conditional expansion. See the FAQ for "it doesn't work".
> and I
> see on LDAP the following
>
> filter="(&(uid=test1)(?=undefined))"
>
> If Service-Info not present, I would expect something like
>
> filter="(&(uid=test1)(radiusSeviceInfo=))"
It looks like your LDAP server doesn't understand the
"radiusServiceInfo" field.
Alan DeKok.
More information about the Freeradius-Users
mailing list