Multi-valued LDAP attribute
Adam Track
adamtrack at rocketmail.com
Thu Dec 22 19:31:40 CET 2011
Hi All,
In a continuation to my previous issue about how to reference an LDAP attribute in post-auth, I am now wondering how to iterate through a multi-valued attribute in a perl script I call from post-auth. In the debug you can see all three values are returned:
...
[ldap] looking for reply items in directory...
[ldap] personType -> Person-Type = "employee"
[ldap] personType -> Person-Type = "fulltime"
[ldap] personType -> Person-Type = "it"
...
The perl module currently has the following code because I can't seem to be able to get any result other than the first, ie "employee", and I really need the other two (possibly more) to do a proper VLAN assignment:
while (($att,$val) = each(%RAD_REPLY)){
if ($att =~ 'Person-Type'){
$count++;
if ($count == 1){
$one = $val;
} else {
$two = $val;
}
}
}
$RAD_REPLY{'Reply-Message'} = "Total: $count, first: $one, second: $two.";
The results are:
...
Reply-Message = "Total: 1, first: employee, second: ."
...
I'm no perl expert, but shouldn't I be able to reference all three values with $RAD_REPLY{'Person-Type'}? If not, where are the other values being stored? I read from the archives that this can be done with 3.X and foreach using unlang, but I'm stuck with 2.1.10 at the moment. Or, do multi-valued attributes need to be defined another way?
Thanks,
A.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111222/15bf6c06/attachment.html>
More information about the Freeradius-Users
mailing list