Lost entries from reply with multiple instances of the same attribute
Phil Mayers
p.mayers at imperial.ac.uk
Tue Aug 12 16:48:01 CEST 2008
Konstantin KABASSANOV wrote:
>> Konstantin KABASSANOV wrote:
>>> Some months ago I mentioned a problem observed while sending Access-
>> Accept
>>> with multiple Cisco-AVPair="ssid=..." entries. Even if fields are
>> correctly
>>> retrieved from the LDAP server, only the first occurrence of the
>> attribute
>>> is sent in the packet. Can you tell me if recent developments have
>> solved
>>> this issue?
>> This issue has been solved for almost 4 years now. Read
>> ldap.attrmap.
>>
>
> Alan, I'd be very happy if it was true, but:
>
> Even if my radius server gets the following from the rlm_ldap:
>
> rlm_ldap: looking for reply items in directory...
> rlm_ldap: LDAP attribute wireless as RADIUS attribute Cisco-AVPair =
> "ssid=mywifi1"
> rlm_ldap: LDAP attribute wireless as RADIUS attribute Cisco-AVPair =
> "ssid=mywifi2"
Read the comments in "ldap.attrmap". Specifically you're going to want:
replyItem Cisco-AVPair wireless +=
i.e. you need to use the "operator" field
More information about the Freeradius-Users
mailing list