LDAP group-checking - missing user-dn in filter
Alan DeKok
aland at deployingradius.com
Mon Aug 18 18:02:39 CEST 2008
Jason Long wrote:
> expand: (&(objectClass=groupOfNames)(member=%{Ldap-UserDn})) ->
> (&(objectClass=groupOfNames)(member=))
>
> The search filter should contain something like
> (member=cn=georget,ou=student,o=mc), but instead it has (member=).
>
> Is %{Ldap-UserDn} not correct? I got it right out of the sample
> configuration...
In 2.0.5, it's been moved to %{control:LDAP-UserDn}. This should be
better documented...
Alan DeKok.
More information about the Freeradius-Users
mailing list