avoiding ldap access in authorize
Alexander Clouter
alex at digriz.org.uk
Fri Sep 30 11:39:47 CEST 2011
Fred <fred.maison at gmail.com> wrote:
>
> If I want to test those values, i used to to something like :
> if ( Ldap-Group == "AdminRW ) { do something }
>
> This makes a new ldap access to be done by the server for an array
> attribute which has already been retrieved by server.
> Is there any other way to check those (already retrieved values)
> without making a new ldap call because of Ldap-Group == "xxx"
> conditional ?
>
You might be able to make use of either foreach:
http://lists.cistron.nl/pipermail/freeradius-users/2011-June/msg00334.html
...or without patching, %{radiusGroupName[*]}:
http://freeradius.1045715.n5.nabble.com/foreach-attribute-array-td2787874.html
Cheers
--
Alexander Clouter
.sigmonster says: Guillotine, n.:
A French chopping center.
More information about the Freeradius-Users
mailing list