Fallback LDAP Attribute Value
Ivan Kalik
tnt at kalik.net
Tue Jul 7 17:04:19 CEST 2009
>>> Use unlang. Put something like this in post-auth:
>>>
>>> if(reply:Tunnel-Private-Group-ID == "") {
>>> update reply {
>>> Tunnel-Private-Group-ID = "666"
>>> }
>>> }
>>
>> I've tried this in both the default and inner-tunnel post-auth sections
>> and neither returned the value 666 in the Radius Accept. Do I need to
>> add anything as a placeholder in the users config file?
>
> Digging into debug came back with:
>
>> ++? if (reply:Tunnel-Private-Group-ID == "")
>> (Attribute reply:Tunnel-Private-Group-ID was not found)
OK, try:
if (!reply:Tunnel-Private-Group-ID)
that should cover the case when there is no ldap attribute in user
profile. If attribute can be empty or missing you will need to OR those
two expessions.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list