LDAP Group Default
Alan DeKok
aland at deployingradius.com
Sat Nov 19 02:54:22 CET 2016
On Nov 18, 2016, at 8:16 PM, Albert K <alberk at gmail.com> wrote:
>
> It tried adding this in the Post-Auth of the inner-tunnel but keep getting
> the following error.
Read "man unlang". And Alan's example again.
The unlang parser isn't smart. You can't just randomly add braces and reformat things. Follow existing examples. It really does help.
> ### Added Code
> if(LDAP-Group == "cn=hod,cn=users,dc=smartoptz,dc=com")
> {update reply
Why the heck are you putting the { on a new line, smashed up against the "update" text? Don't do that.
> {
> Tunnel-Type = VLAN,
> Tunnel-Medium-Type = IEEE-802,
> Tunnel-Private-Group-Id = "30"
> }
> }
> else
> { udpate reply {
> Tunnel-Type = VLAN,
> Tunnel-Medium-Type = IEEE-802,
> Tunnel-Private-Group-Id = "40"
> }
> }
This is all formatted badly. Don't do that.
if (LDAP-Group == "cn=hod,cn=users,dc=smartoptz,dc=com") {
update reply {
Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = "30"
}
}
else {
update reply {
Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = "40"
}
}
That will work.
Alan DeKok.
More information about the Freeradius-Users
mailing list