Pool-Name attribute issue WAS Re: Unknown Auth-Type "LDAP" in authenticate sub-section
up at 3.am
up at 3.am
Mon Mar 12 18:02:11 CET 2012
> On 12/03/12 15:44, up at 3.am wrote:
>
>>
>> DEFAULT Group == "FOO", Pool-Name :="FOO_pool"
>
> "Group" is probably empty. I can't remember what module, if any, fills
> it out.
>
> What do you *think* "Group" will contain? It won't contain LDAP groups.
I was about to post about this..I just did a test with this entry:
someuser Pool-Name :="FOO_pool"
And it got an IP from the pool just fine, so you're right, the problem lies with
"Group". It is a legacy entry, left over from before we switched from PAM/unix to
LDAP. Since it continued to work even after removing all of the unix group
entries and still continues to work when we add new LDAP groups and LDAP users to
that group.
How it gets that is something I don't know...there's no ldap.attrmap entry for it
on the older, working servers. I take it I will need to define map the LDAP
attribute PosixGroup to something?
More information about the Freeradius-Users
mailing list