LDAP Groups to Freeradius and then Ruckus Wireless?
Enrique Sainz Baixauli
enriquesainz.beca at intef.educacion.es
Fri May 23 13:47:26 CEST 2014
> You should be able to use the attrmap file to map memberOf or whatever
membership attribute you use to a reply attribute.
So I included in /usr/share/freeradius/dictionary a new dictionary.ruckus
file with vendor information for Ruckus that defines the attribute to be
returned:
[...]
ATTRIBUTE Ruckus-User-Groups 1 string
[...]
And a new line in ldap.attrmap to reply that attribute:
replyItem Ruckus-User-Groups member
member being the groupmember_attribute set in modules/ldap, and also the
attribute name in LDAP that makes membership effective.
But the result is the same, no additional debug output in radiusd -XXX or
when testing a user authentication with radtest. Am I doing anything wrong
here?
> Else upgrade to 3.0.3 and use the cached group info toggles.
I guess that would be easier, but requirements are stable version of
everything installed on the server.
Anyway, thank you very much and best regards!
More information about the Freeradius-Users
mailing list