Fallback LDAP Attribute Value
Steven Carr
steven.carr at sunderland.ac.uk
Wed Jul 8 17:12:59 CEST 2009
On 8/7/09 15:07, Alan DeKok wrote:
> You can map that VLAN number to a server-side attribute. Then, copy
> it to the correct tunnel attribute when you want.
>
> e.g. map it to Tmp-String-0, (ldap.attrmap), and then do:
>
>
> if (... i want to send vlan) {
> update reply {
> Tunnel-Private-Group-Id = "%{Tmp-String-0}"
> ...
> }
> }
OK getting closer...
ldap.attrmap contains:
replyItem Tmp-String-0 destinationindicator
post-auth section contains:
if ((!reply:Tmp-String-0) || (reply:Tmp-String-0 == "")) {
update reply {
Tunnel-Private-Group-Id = "666"
}
}
else {
update reply {
Tunnel-Private-Group-Id = "%{Tmp-String-0}"
}
}
debug output shows:
++? if ((!reply:Tmp-String-0) || (reply:Tmp-String-0 == ""))
?? Evaluating !(reply:Tmp-String-0) -> TRUE
?? Evaluating (reply:Tmp-String-0 == "") -> FALSE
++? if ((!reply:Tmp-String-0) || (reply:Tmp-String-0 == "")) -> FALSE
++- entering else else
expand: %{Tmp-String-0} ->
So Tmp-String-0 supposedly is there, and isn't empty, but I cant get the
data out of it.
In the packet back it is set to:
Tunnel-Private-Group-Id:0 = ""
What am I missing?
Steve
--
Steven Carr
Systems Development Officer
SLS/ITS/Systems - (0191) 515 3953
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 257 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090708/c2efdb46/attachment.pgp>
More information about the Freeradius-Users
mailing list