Question about Real Dynamic Ldap Groups

Alejandro Escanero Blanco alejandro.escanero.ext at juntadeandalucia.es
Fri Nov 6 15:09:32 CET 2009


Is this possible?

My Case:
I have an LDAP group called cn=mygroup,o=myorg,c=mycountry
A user: cn=myuser,o=myorg,c=mycountry
The configuration for ldap has:

                groupname_attribute = cn
                groupmembership_filter = "(&(objectClass=posixGroup)(memberUid=%{Stripped-User-Name:-%{User-Name}}))"
                groupmembership_attribute = radiusGroupName

And the user file has:

DEFAULT Ldap-Group == mygroup
        Tunnel-Medium-Type = IEEE-802,
        Tunnel-Type = VLAN,
        Tunnel-Private-Group-Id = 1,
        Fall-Through = No

Everything is going OK, but I want more and began to test:

DEFAULT Ldap-Group == mygroup
        Tunnel-Medium-Type = IEEE-802,
        Tunnel-Type = VLAN,
        Tunnel-Private-Group-Id = `%{ldap:ldap:///cn=mygroup,o=myorg,c=mycountry?radiusTunnelPrivateGroupId?base?memberUid=%{Stripped-User-Name}}`,
        Fall-Through = No

Adding the radiusProfile object to the posixGroup, and setting the attribute
radiusTunnelPrivateGroupId to 1. Going OK.

But I want to manage everything from LDAP, and this configuration fails because
radius can't get the LDAP group list and doesn't check the groups.

DEFAULT Ldap-Group == *
        Tunnel-Medium-Type = IEEE-802,
        Tunnel-Type = VLAN,
        Tunnel-Private-Group-Id = `%{ldap:ldap:///cn=%{Ldap-Group},o=myorg,c=mycountry?radiusTunnelPrivateGroupId?base?memberUid=%{Stripped-User-Name}}`,
        Fall-Through = No


Is there any solution to fully manage the groups from LDAP?

Thanks.


-- 
-------------------------
Alejandro Escanero Blanco
Secretaría General Técnica - Servicio de Informática Sistemas
Tel:  671 569 262 (769262)
Consejería de Innovación, Ciencia y Empresa
Junta de Andalucía
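
A small model of the lookup the last users entry above is aiming for, as an added example that is not part of the original post and is not FreeRADIUS code: find the posixGroup entries that list the user in memberUid, read radiusTunnelPrivateGroupId from them, and hand out no VLAN when the result is missing or ambiguous. Every directory entry except cn=mygroup with member myuser is constructed, and the function names are hypothetical.

```python
# Constructed sample directory: DN -> attributes (multi-valued, as in LDAP).
DIRECTORY = {
    "cn=mygroup,o=myorg,c=mycountry": {
        "objectClass": ["posixGroup", "radiusProfile"],
        "memberUid": ["myuser", "otheruser"],
        "radiusTunnelPrivateGroupId": ["1"],
    },
    "cn=guests,o=myorg,c=mycountry": {          # constructed
        "objectClass": ["posixGroup", "radiusProfile"],
        "memberUid": ["visitor", "otheruser"],
        "radiusTunnelPrivateGroupId": ["20"],
    },
    "cn=novlan,o=myorg,c=mycountry": {          # constructed, no radiusProfile
        "objectClass": ["posixGroup"],
        "memberUid": ["plainuser"],
    },
}


def groups_for(user, directory=DIRECTORY):
    """Model of (&(objectClass=posixGroup)(memberUid=<user>)) over the tree."""
    return sorted(
        dn for dn, attrs in directory.items()
        if "posixGroup" in attrs.get("objectClass", [])
        and user in attrs.get("memberUid", [])
    )


def vlan_for(user, directory=DIRECTORY):
    """Return (vlan, reason); vlan is None unless exactly one VLAN is found."""
    groups = groups_for(user, directory)
    if not groups:
        return None, "no group"
    vlans = {v for dn in groups
             for v in directory[dn].get("radiusTunnelPrivateGroupId", [])}
    if not vlans:
        return None, "group has no radiusTunnelPrivateGroupId"
    if len(vlans) > 1:
        # User is in several groups with different VLANs: refuse to guess.
        return None, "ambiguous: " + ",".join(sorted(vlans, key=int))
    return vlans.pop(), "ok"


def reply_attributes(user, directory=DIRECTORY):
    """Build the tunnel reply items from the post, or None to assign no VLAN."""
    vlan, _reason = vlan_for(user, directory)
    if vlan is None:
        return None
    return {"Tunnel-Medium-Type": "IEEE-802", "Tunnel-Type": "VLAN",
            "Tunnel-Private-Group-Id": vlan}
```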




More information about the Freeradius-Users mailing list