freeradius 2.1.7-7.el5 - How to get vendor specific attributes from LDAP

Fajar A. Nugraha list at
Thu Nov 24 22:27:38 CET 2011

On Thu, Nov 24, 2011 at 9:43 PM, Jakub Pech <jakub.pech at> wrote:
> Hi,
>>Normally an ldap attribute will be translated as a radius check or reply
>> item, not both (which is what you did).

> First I had only "radius check". I added "radius reply" later while testing.
> I'm almost sure that that is not the cause of my problem.

Why are you doing that? Your "working" debug log says

Sending Access-Accept of id 101 to port 60528
Juniper-Local-User-Name := "class2"
Finished request 0.

Something that you send to the NAS is a reply item. Why did you put it
as radius check?  And if you're sure it's not the problem (meaning you
already know what the source of problem is), then why ask here?


More information about the Freeradius-Users mailing list