Config. Help please - ldap and Active Directory
Leighton Man
l.j.man at hud.ac.uk
Thu Mar 12 11:56:06 CET 2009
> And many requests later you ask about it:
>
> >++? if (control:Tmp-String-0 == "ldap-student")
> > (Attribute control:Tmp-String-0 was not found)
>
> .. and it's not there. Of course it's not, since it wasn't
> set during processing of that Access-Request but much earlier
> in the exchange.
Obvious when it's pointed out but I really don't understand the whole process yet. I'll keep reading the docs until I do!
> I would suggest that you move unlang statements to
> inner-tunnel virtual server. You can do update reply and set
> Reply-Message in authorize there (forget about temp attribute
> and changeing it in post-auth). Just enable
> use_tunneled_reply in peap section of eap.conf and
> Reply-Message will be passed on from inner tunnel into the
> final reply.
>
All working now. Thank you.
Leighton
More information about the Freeradius-Users
mailing list