Using ldap module to return variables to use in other modules.
Alan DeKok
aland at deployingradius.com
Thu Aug 14 08:25:19 CEST 2014
David Rickard wrote:
> I modified the ntlm module as follows:
> exec ntlm_auth {
> wait = yes
> program = "/path/to/ntlm_auth --request-nt-key --domain=MYDOMAIN --username=%{Bucks-samAccountName}
Which looks in the request list.
> ldap.attrmap has an extra line (tried as both a check-item and a replyitem. I'm thinking it should be check-item as a replyitem is sent in the RADIUS reply, which I don't want).
> checkItem Bucks-samAccountName sAMAccountName
Which puts the attribute into the check / control list.
Fix that.
Use --username=%{control:Bucks-samAccountName}
Alan DeKok.
More information about the Freeradius-Users
mailing list