Add custom ldap attribute to replies
Alan DeKok
aland at deployingradius.com
Fri Oct 30 13:45:05 CET 2015
On Oct 30, 2015, at 8:37 AM, Angel L. Mateo <amateo at um.es> wrote:
>
> Hello,
>
> I have my freeradius connected to an LDAP server.
>
> I want now to add the CN attribute of my ldap users' entries to the freeradius reply. So I have:
>
> - Created a custom attribute (I haven't found any better, is there any?). This is the definition in the dictionary:
>
> ATTRIBUTE X-Atica-CN 3002 string
And raddb/dictionary says:
# If you want to add entries to the dictionary file,
# which are NOT going to be placed in a RADIUS packet,
# add them here. The numbers you pick should be between
# 3000 and 4000.
So... that attribute won't be in a packet.
> but when I try with radtest, this custom attribute is not in the reply.
Yes. That's what the documentation says.
> Any help?
Create a vendor-specific dictionary. Read this to learn how dictionaries work:
http://networkradius.com/doc/current/concepts/dictionary/introduction.html
And then:
http://networkradius.com/doc/current/concepts/dictionary/vendor_dictionaries.html
Alan DeKok.
More information about the Freeradius-Users
mailing list