Referencing LDAP attributes in post-auth
Adam Track
adamtrack at rocketmail.com
Mon Dec 19 17:10:27 CET 2011
> > Thanks, I'll give it a try and post the debug. Am I wrong to be surprised
> > that there is no answer for the first question, though? There has to be a
> > great many users out there using EAP and assigning dynamic VLAN based on
> > LDAP attributes.... or, not?
>
> I know of many - it depends on how you are doing it - are you doing post-auth
> in the inner-tunnel, or in the outer virtual-server after EAP has been done?
> just assign a standard RADIUS attribute and it will be there for you to use in eg PERL
> (so long as you copy-to-tunnel in your EAP config)
copy_request_to_tunnel = yes
As mentioned earlier, I am assigning a standard RADIUS attribute, but the value I'm passing to it is not there when I call it, which is in the post_auth of the outer virtual server.. I figured it made sense to put it there, since I call the LDAP module in the authroize section of the outer virtual server. Should this be done in the inner-tunnel? I guess I'll give that a try too...
Thanks,
A.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111219/dcd25380/attachment.html>
More information about the Freeradius-Users
mailing list