Referring to module-specific information in post-auth
Alan DeKok
aland at deployingradius.com
Mon Nov 14 16:41:00 CET 2016
On Nov 11, 2016, at 5:33 PM, Stefan Paetow <Stefan.Paetow at JISC.AC.UK> wrote
> In the ldap module you have the config entries 'server' and 'base_dn'.
>
> In the post-auth section, I tried to do this:
>
> update reply {
> Tmp-String-1 :=
> "%{ldap:ldap://${modules.ldap.server}/${modules.ldap.base_dn}?uid??(&(objec
> tClass=user)(accountMapping=%{reply:Chargeable-User-Identity}}"
> }
>
> On initial start the ${...} values are expected to be replaced by their
> real equivalents.
They should be.
> Given that "policy" exists in the "policy" entry in
> radiusd.conf, and "client" in "clients.conf" (where each is defined), I
> was expecting "modules" to be accessible?
All configuration items are accessible via the expansion ${..} i.e. ${section.subsection1.subsection2.item}
These strings are expanded when the server starts, and are treated as fixed strings after that.
> There is something I'm missing,
> isn't it? Something really silly?
No idea. What does the debug output show?
Alan DeKok.
More information about the Freeradius-Users
mailing list