Outer identity being used for LDAP group lookup in users file
Ivan Kalik
tnt at kalik.net
Mon May 11 10:48:07 CEST 2009
> In my "users" file I preform an Ldap-Group lookup and allocate vlan
> based on this. i.e. DEFAULT Ldap-Group !=
> "cn=DisabledRadiusUsers,ou=roles,ou=services,o=abc"
>
> The issue I am having is if a user has an Outer Identity set, the
> Ldap-Group lookup is performed against this username not the Inner
> Identity username. Is there any way of ensuring that the lookup is
> performed against the "real" inner identity not the "fake" outer
> identity?
>
Ldap-Group doesn't work with !=, only ==. Don't list ldap in default but
in inner-tunnel virtual server. Activate use_tunneled_reply in peap (it is
peap? if it's ttls, than do it in ttls section) section of eap.conf
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list