unlang?
Dean, Barry
B.Dean at liverpool.ac.uk
Fri Jan 18 15:54:09 CET 2008
I am testing my current 1.1.7 config with version 2.0.0.
I have 2 bits of config that are not quite right on 2.0.0
1) I have the line:
filter = "(cn=%{Stripped-User-Name:-%{User-Name}})"
I am not sure why, I inherited this setup and I am still trying to understand it. The LDAP server is eDirectory (FreeRADIUS compiled with -with-edir)
The "-X" output says:
WARNING: Deprecated conditional expansion ":-". See "man unlang" for details
expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=user)
expand: o=uol -> o=uol
What is the replacement for ":-" given I don't know what it did in the first place for "man unlang" to be any help!
2) Rejecting a user
I have a specific user account (call it "special") it was barred using:
special Auth-Type := Reject
Reply-Message = "Cannot use this user account"
in the users file.
Variants like " special", "Special" and "SPECIAL" etc get by this check, and out LDAP server allows them!, so I added:
lower_user = before
lower_pass = no
nospace_user = before
nospace_pass = no
to radius.conf. These no longer seem to work. How do you achieve this with version 2.0.0?
---------------
Barry Dean
Networks Team
Computing Services Department
Tel: 0151 794 5641 (x45641)
More information about the Freeradius-Users
mailing list