freeradius 2.1.7-7.el5 - How to get vendor specific attributes from LDAP

Fajar A. Nugraha list at fajar.net
Thu Nov 24 22:27:38 CET 2011


On Thu, Nov 24, 2011 at 9:43 PM, Jakub Pech <jakub.pech at spinoco.com> wrote:
> Hi,
>
>>Normally an ldap attribute will be translated as a radius check or reply
>> item, not both (which is what you did).

> First I had only "radius check". I added "radius reply" later while testing.
> I'm almost sure that that is not the cause of my problem.

Why are you doing that? Your "working" debug log says

Sending Access-Accept of id 101 to 31.186.188.2 port 60528
Juniper-Local-User-Name := "class2"
Finished request 0.

Something that you send to the NAS is a reply item. Why did you put it
as radius check?  And if you're sure it's not the problem (meaning you
already know what the source of problem is), then why ask here?

-- 
Fajar



More information about the Freeradius-Users mailing list