multiple radiusVSA in ldap.attrmap

[Alan DeKok]

François Mehault wrote:
>  + in ldap.attrmap I add  
> 
> replyItem       Cisco-AVPair                                        
> radiusVSA
> 
> replyItem       Foundry-Privilege-Level                   radiusVSA
> replyItem       Foundry-INM-Privilege                    radiusVSA

  You can't do that.  You are mapping the "radiusVSA" item to 3
different RADIUS attributes.  This will NOT work.

> I don’t succeed to give good value for each attribute with OpenLDAP,
> ldapattrmap, radiusVSA … In addition, I can’t to have two radiusVSA
> attributes with the same value in OpenLDAP.

  Yes, you can.  Read the comments at the top of ldap.attrmap.  Use the
"+=" operator.

  Alan DeKok.