Help on users file

jon Yu yunc.yu at nd.edu
Tue Jun 21 19:39:33 CEST 2016


The log file is attached. Like to know how to configure Ldap-Group to find
user in group object.
Thanks,

On Tue, Jun 21, 2016 at 9:06 AM, Matthew Newton <mcn4 at leicester.ac.uk>
wrote:

> On Mon, Jun 20, 2016 at 04:44:40PM -0400, jon Yu wrote:
> > DEFAULT Huntgroup-Name == "mytest", Hint == "MYTEST", Ldap-Group ==
> ndvm6mk9, Auth-Type := ldap-vpn
> >         Service-Type = 6,
> >         Fall-Through = Yes
>
> Make sure this is at the top of the file above any other DEFAULT
> entries that may not include "Fall-Through".
>
>
> > Mon Jun 20 15:59:36 2016 : Debug: (0)   [files] = noop
> > Mon Jun 20 15:59:36 2016 : Debug: (0)   debug_control debug_control {
> > Mon Jun 20 15:59:36 2016 : Debug: (0)     if ("%{debug_attr:control:}"
> == '')
> > Mon Jun 20 15:59:36 2016 : Info: (0) Attributes matching "control:"
> > Mon Jun 20 15:59:36 2016 : Debug: (0) EXPAND %{debug_attr:control:}
> > Mon Jun 20 15:59:36 2016 : Debug: (0)    -->
> > Mon Jun 20 15:59:36 2016 : Debug: (0)     if ("%{debug_attr:control:}"
> == '')  -> TRUE
> > Mon Jun 20 15:59:36 2016 : Debug: (0)    if ("%{debug_attr:control:}" ==
> '')  {
>
> So something may not be being set.
>
> I would
>
>  - remove checks from the DEFAULT line in the users file until you
>    get something that works, then you know exactly what isn't
>    being set.
>
>  - check your hints and huntgroups files and make sure they are
>    matching.
>
>  - check you haven't removed "preprocess" (we can't as you didn't
>    post the whole debug output, which is recommended pretty much
>    every day on this list).
>
>  - consider using unlang instead of 'hints' and 'huntgroups'.
>
> Matthew
>
>
> --
> Matthew Newton, Ph.D. <mcn4 at leicester.ac.uk>
>
> Systems Specialist, Infrastructure Services,
> I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
>
> For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: debug.log
Type: application/octet-stream
Size: 106805 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20160621/59e27754/attachment-0001.obj>


More information about the Freeradius-Users mailing list