Multiple LDAP searches

Leighton Man l.j.man at hud.ac.uk
Wed Mar 31 09:00:33 CEST 2010


>I am setting up freeradius 2.1.6 and seem to be stuck on how do I go about setting up my ldap module to search multiple basedn if the user is not found in the first? I have four that I need to search in my LDAP tree but cannot figure out the correct way to make it search more than one. I feel like this is probably something simple I'm missing but can't seem to see it atm.

Hi,
I have two instances defined in modules/ldap

ldap ldap_staff {
        ...............
        basedn = "ou=staff, ..............."
        ..............
}

ldap ldap_student {
        ...............
        basedn = "ou=student, ..............."
        ..............
}


Then, in authorise section,

        ldap_staff
        if (ok) {
                # whatever stuff you need
        }
        else {
                ldap_student
                if (ok) {
                        # whatever other stuff you need
                }
                else {
                        reject
                }
        }

In my case the "stuff" returns Cisco AV pairs to control the switches. The user is rejected if they don't exist in either the "staff" or the "student" ou.

Hope this helps,

Leighton
