Re: post-auth section in FR v2.1.12

gabriel_skupien gabriel_skupien at o2.pl
Thu Jun 12 08:37:55 CEST 2014


Thanks for your feedback. The last question, can we configure ldap module to make ldapsearch support for referrals/aliases?

Gabriel

Dnia 11 czerwca 2014 15:41 Alan DeKok <aland at deployingradius.com> napisał(a):

> gabriel_skupien wrote:
> > I do not want to use "ldap.authorize", I would really prefer to use
> > LDAP-Group - ideally in "switch" statement but it seems that it is not
> > supported in FR 2.X.
> >
>   No.  In v3, though, the LDAP module caches the LDAP groups.  So it's
> much faster.
> 
> > Bulk of if/else statements is also a bad idea because
> > we use dozens of LDAP groups and that will for sure result with LDAP
> > server
> > overload. Any idea?
> >
>   Use v3.
> 
> > ps. a pure "update reply" without "if" statements is also working, the
> > problem was that I tried LEAP, when I switched to EAP-TLS it started to
> > proces "update reply" section.
> >
>   OK.
> 
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 


More information about the Freeradius-Users mailing list