LDAP Groups to Freeradius and then Ruckus Wireless?
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Fri May 23 14:09:56 CEST 2014
On 23 May 2014, at 12:47, Enrique Sainz Baixauli <enriquesainz.beca at intef.educacion.es> wrote:
>> You should be able to use the attrmap file to map memberOf or whatever
> membership attribute you use to a reply attribute.
>
> So I included in /usr/share/freeradius/dictionary a new dictionary.ruckus
> file with vendor information for Ruckus that defines the attribute to be
> returned:
> [...]
> ATTRIBUTE Ruckus-User-Groups 1 string
> [...]
>
> And a new line in ldap.attrmap to reply that attribute:
> replyItem Ruckus-User-Groups member
>
> member being the groupmember_attribute set in modules/ldap, and also the
> attribute name in LDAP that makes membership effective.
> But the result is the same, no additional debug output in radiusd -XXX or
> when testing a user authentication with radtest. Am I doing anything wrong
> here?
Nope, trace the LDAP conversation with wireshark and see what's being requested and returned.
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140523/69f4082f/attachment.pgp>
More information about the Freeradius-Users
mailing list