Dynamic vlan with ldap group fail

Wed Mar 25 13:35:30 CET 2015

2015-03-24 13:22 GMT+01:00 Sautron Nick <sautronnick at yahoo.fr>:
>         #  Group membership checking.  Disabled by default.
>         #
>          groupname_attribute = cn
>         groupmembership_filter = "(&(Login=%{%{Stripped-User-Name}:-%{User-Name}})(isMemberOf=ou=groups,ou=eduroam,dc=company,dc=fr))"

That filter is broken. What is actually sent to LDAP is
(&(Login=Marco)(isMemberOf=ou=groups,ou=eduroam,dc=company,dc=fr)) and
for sure it can't find anything because of the isMemberOf=. LDAP tries
to find "isMemberOf=ou" and then has an invalid "=groups" setting.

What version of FreeRADIUS are you using and can you post an example
of one LDAP User entry and one Group entry? Each with its complete DN.
If you want/have to hide data please don't use **** but replacement
words.