Questions about ldap authentication, huntgroup and authorize file
Alan DeKok
aland at deployingradius.com
Thu Oct 12 17:31:53 CEST 2017
On Oct 12, 2017, at 10:52 AM, Jérôme BERTHIER <Jerome.Berthier at inria.fr> wrote:
>
> Yes thanks you
> but as far as I see, this syntax does not work inside the file authorize.
It's not supposed to work there. You need to put it into the "default" virtual server.
> I tried to create a specific module file for a specific ldap instance myldap1 then I called it in the file authorize.
>
> In both cases, the module authorize is not validated for starting radiusd :
> /etc/raddb/mods-config/files/authorize[228]: Parse error (check) for entry DEFAULT: Unknown attribute "myldap1-Ldap-Group"
> Failed reading /etc/raddb/mods-config/files/authorize
> /etc/raddb/mods-enabled/files[9]: Instantiation failed for module "files"
That should work if the server is configured correctly.
Again... post the debug output. ALL of it.
> I understand that it is possible to use specific ldap instance and to call it to parse group using <myldap>-Ldap-Group but it seems that it is not supported in the file authorize.
It is supported. You may need to fix your configuration.
Alan DeKok.
More information about the Freeradius-Users
mailing list