LDAP module problem in 2.0.3
Jason Alderfer
jha2 at emu.edu
Mon Apr 14 23:18:42 CEST 2008
> Jason Alderfer wrote:
>> I'm testing upgrading to 2.0.3 from 1.1.7 and it appears that the LDAP
>> module in 2.0.3 is not setting the Ldap-UserDn in a way that is
>> available
>> for further analysis.
>
> It's now in the "control" item list. This should be better
> documented...
But the function ldap_postauth in rlm_ldap.c still looks for Ldap-UserDn
in request->packet->vps. Should I patch it to look in the new
location? Or will it even exist in the control items in post auth?
vp_fdn = pairfind(request->packet->vps, da->attr);
if (vp_fdn == NULL) {
DEBUG("rlm_ldap: User's FQDN not in config items list.");
return RLM_MODULE_FAIL;
}
Also, I can see on the unlang man page how to update an item on the
control list, but I'm not clear how to test one. What should I change in
the unlang below?
if (Ldap-UserDn =~ /ou=is,ou=n,o=emu/i) {
update reply {
Tunnel-Type := "VLAN"
Tunnel-Medium-Type := "IEEE-802"
Tunnel-Private-Group-Id := 3
}
}
Thanks
Jason
More information about the Freeradius-Users
mailing list