How to add VAP based on LDAP group membership
Thomas Stather
Thomas.Stather at mpimf-heidelberg.mpg.de
Fri Feb 19 13:45:07 CET 2016
Hi
I still don't get it sorry :(
I tried
if
("%{redundant_ldap:///ou=hosts,dc=testdomain,dc=de?macAddress?sub?macAddress=%{Calling-Station-Id}}")
{
update reply {
Aruba-User-Vlan = "200"
}
}
But the error message is the same. What do you mean with "all needs a
hostname"? The "redundand_ldap" is configured as:
redundant redundant_ldap {
ldap1
ldap2
}
Best,
Thomas
Am 19.02.2016 um 13:14 schrieb Alan DeKok:
> On Feb 19, 2016, at 6:01 AM, Thomas Stather <Thomas.Stather at mpimf-heidelberg.mpg.de> wrote:
>> I tried this in "post-auth" section:
>>
>>
>> if ("%{redundant_ldap:///ou=hosts,dc=testdomain,dc=de?macAddress?sub}" == %{Calling-Station-Id}) {
> That isn't an LDAP URL.
>> (12) if ("%{redundant_ldap:///ou=hosts,dc=testdomain,dc=de?macAddress?sub}" == %{Calling-Station-Id}) {
>> (12) ERROR: String passed does not look like an LDAP URL
>> (12) ERROR: String passed does not look like an LDAP URL
> Yup. The LDAP client code doesn't think it's an LDAP URL.
>
>> What am i doing wrong?
> You're not passing an LDAP URL to the LDAP query. I would have thought the message was pretty clear.
>
> Read the LDAP documentation to see what an LDAP URL looks like. A simple google search for "ldap url" yields lots of documentation.
>
> All of which says you need a hostname.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Thomas Stather
IT Services
Tel: +49 6221-486 628
Fax: +49 6221-486 561
------------------------------------------------------------------------
Max Planck Institute for Medical Research (MPImF)
Jahnstrasse 29, 69120 Heidelberg
Germany
More information about the Freeradius-Users
mailing list