Add LDAP groups as extra attributes
Phil Mayers
p.mayers at imperial.ac.uk
Thu Mar 14 11:06:57 CET 2013
On 03/13/2013 07:45 PM, Robin Helgelin wrote:
> First problem is that I need to rewrite the output from ldap to
> something the radius-client finds useful. But there are radius modules
> for rewriting things right?
Yes, though TBH manipulating LDAP DNs in unlang/attr_rewrite is going to
be a pain. You might have to fall back on one of the scripting language
modules, as Arran says.
>
> Next problem seems to be that freeradius ignores when ldap is
> returning more than one group, am I correct?
If you mean that you've setup ldap.attrmap but are only seeing one
group, you might need to use the "operator" column and set it to +=
More information about the Freeradius-Users
mailing list