redundant LDAP-Group
Phil Mayers
p.mayers at imperial.ac.uk
Thu Dec 2 15:54:45 CET 2010
On 02/12/10 14:49, Phil Mayers wrote:
>
> Alternatively, how about:
>
> policy {
> myldap {
> update request {
> Module-Failure-Message !* 0x00
> My-Group = "%{ldap1:...}"
> }
> if (Module-Failure-Message) {
Nah, this won't work sorry - I was misreading the rlm_ldap.c code,
Module-Failure-Message is only set by ldap_authorize on NOTFOUND, not
FAIL and not in perform_search()
More information about the Freeradius-Users
mailing list