Set reply attributes based on LDAP attribute
aidanr
aidan at uq.edu.au
Mon Dec 5 03:24:22 CET 2011
Hi,
I am trying to configure freeradius 2.1.12 to set the
'Tunnel-Private-Group-Id' attribute based on a value retrieved from LDAP.
I have pulled the variable form LDAP and am storing it as a local Radius
variable called 'Person-OrgUnit'. In the users file I am trying to check
it's value and set other attributes based on its value.
example:
DEFAULT Person-OrgUnit == "1122"
Tunnel-Type = VLAN,
Tunnel-Medium-Type = 802,
Tunnel-Private-Group-ID = 1111
>From what I can see in the freeradius debug mode, is its being skipped
completely. My old configuration which used the Ldap-Group attribute works
correctly, but I need to change over to this other attribute due to an
internal issue. An example of the old configuration is below:
DEFAULT ldap_central-Ldap-Group == "Hosted"
Tunnel-Type = VLAN,
Tunnel-Medium-Type = 802,
Tunnel-Private-Group-ID = 1107
I have looked at using rlm_checkval but I am seeing
'rlm_checkval: Could not find item named Person-OrgUnit in request'
in the logs. I do not think this module is designed to do what I want.
--
What is the best way for me to check this radius CheckItem variable and
based on its value, set additional attributes?
Thank you,
--
View this message in context: http://freeradius.1045715.n5.nabble.com/Set-reply-attributes-based-on-LDAP-attribute-tp5047676p5047676.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list