LDAP Groups to Freeradius and then Ruckus Wireless?

Arran Cudbard-Bell a.cudbardb at freeradius.org
Wed May 28 16:52:57 CEST 2014

On 28 May 2014, at 15:30, Enrique Sainz Baixauli <enriquesainz.beca at intef.educacion.es> wrote:

>>>>> Uncomment:
>>>>> cache_attribute = 'LDAP-Cached-Membership'
>>>>> Then in authorize:
>>>>> ldap
>>>> Sorry that's
>>>> foreach &control:LDAP-Cached-Membership {
>>>> 	update reply {
>>>> 		Ruckus-User-Group += "%{Foreach-Variable-0}"	
>>>> 	}
>>>> }
>>> Thank you very much, but trying to start the server resulted in a 
>>> syntax error in '&control:LDAP-Cached-Membership': Unknown attribute 
>>> "LDAP-Cached-Membership"
>> Define it in the user dictionay as a string attribute.
> That's awesome, now the debug output shows that FR finds out which group
> each user belongs to. Also, capturing local packets with wireshark (because
> LDAP and FR are on the same machine) shows two request-responses, first for
> the user and then for the group, between FR and LDAP. But on the Ethernet
> interface there is nothing else aside from an Access-Request and an
> Access-Accept, but nothing related to the group in the response. Maybe
> wireshark doesn't show every field, but the packet length is only 20 so I
> think it's just not being sent by FR.

Hm, can you send over the output of -X.


Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140528/1eb2c668/attachment.pgp>

More information about the Freeradius-Users mailing list