LDAP Groups to Freeradius and then Ruckus Wireless?
Enrique Sainz Baixauli
enriquesainz.beca at intef.educacion.es
Wed Jun 11 16:20:06 CEST 2014
>> I am totally unsure what was going on with that Foreach-Variable-#
>> thing, but it seems to be working fine now. I was following Arran's
>> advice in [1] to try to minimize calls to ldap when Foreach-Variable-1
>> was empty all of a sudden, so I switched to Foreach-Variable-0 and
>> everything started working fine.
>
> I'm really not sure what that means. You are aware that
> Foreach-Variable-0 and Foreach-Variable-1 are different, right?
>
> Foreach-Variable-0 is for the FIRST loop. Foreach-Variable-1 is for the
second NESTED loop.
>
> If you use Foreach-Variable-1 inside of one loop, it won't refer to
anything, and it won't exist.
>
> Alan DeKok.
That's what I mean. I had to use Foreach-Variable-1 (and it worked) but I
wasn't nesting loops. I had only one loop in post-auth, but when
authenticating with EAP-PEAP the group info was in Foreach-Variable-0 and
when I used EAP-TLS it was in Foreach-Variable-1 (and segfaulted if I tried
to access Foreach-Variable-0). Now, after optimizing ldap calls with cache,
it's always in Foreach-Variable-0 (where it should have always been).
If you can make any sense out of it, please explain because I have
absolutely no idea.
More information about the Freeradius-Users
mailing list