Referencing Ldap-Group in unlang
Jason Alderfer
jha2 at emu.edu
Wed May 7 20:16:36 CEST 2008
Hi all,
I would like to convert the following users file entry to unlang code in
2.0.4.
DEFAULT Ldap-Group == "cn=not_student,ou=n,o=emu"
Tunnel-Type = "VLAN",
Tunnel-Medium-Type = "IEEE-802",
Tunnel-Private-Group-Id = 6
But after reading the unlang man page and trying it several ways, I can't
figure out how to duplicate this functionality. The above users file
entry causes this in the debug output:
rlm_ldap: Entering ldap_groupcmp()
expand: o=emu -> o=emu
expand:
(|(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDn}))) ->
(|(&(objectClass=GroupOfNames)(member=cn\3dalderfjh\2cou\3dis\2cou\3dn\2co\3demu)))
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in cn=not_student,ou=n,o=emu, with filter
(|(&(objectClass=GroupOfNames)(member=cn\3dalderfjh\2cou\3dis\2cou\3dn\2co\3demu)))
request done: ld 0x81a5118 msgid 29
rlm_ldap::ldap_groupcmp: User found in group cn=not_student,ou=n,o=emu
But so far none of the syntax below has invoked ldap_groupcmp().
if ( Ldap-Group == "cn=not_student,ou=n,o=emu" ) {
if ( control:Ldap-Group == "cn=not_student,ou=n,o=emu" ) {
if ( "%{Ldap-Group}" == "cn=not_student,ou=n,o=emu" ) {
if ( "%{ldap:Ldap-Group}" == "cn=not_student,ou=n,o=emu" ) {
Jason
More information about the Freeradius-Users
mailing list