[LDAP] User-Profile assigned only if set in user attr radiusProfileDn

Zeus Panchenko zeus at ibs.dn.ua
Sun Aug 16 20:45:50 CEST 2015


Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:

> Did you edit mods-available/ldap to set the source for the LDAP profile as I showed in my previous mail?
> 
> ldap {
> 	...
> 	user {
> 		...
> 
> 		default = &control:User-Profile
> 	}
> }

no, I didn't yet ... since I need not the single, default profile for all users
but definite profile for users who are members of some definite group

I believe I need not default= but some condition check and assignment on
it's result ... something like:

if ( Ldap-Group == 'ABC' ) {
  if ( Called-Station-SSID ) {
    if ( Called-Station-SSID == 'ABC' ) {
       update {
       	  User-Profile := "cn=ABC,ou=profiles,ou=RADIUS,dc=xyz"
       }
    }
  }
}

but which module I have to say what (and how), to make FR to assign it? I'm giving up :(

-- 
Zeus V. Panchenko				jid:zeus at im.ibs.dn.ua
IT Dpt., I.B.S. LLC					  GMT+2 (EET)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 180 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150816/95d43cbb/attachment.sig>


More information about the Freeradius-Users mailing list