I want to branch an ldap attribute

Yuya Yanagi peacefull64 at gmail.com
Thu Jul 18 05:29:27 CEST 2019


Hi,Alan

Thank you for the advice!

I'm trying to do it with Dynamic LDAP, which I was taught, but I'd like you
to tell me because it doesn't work well.

I've written a sample of dynamic LDAP, and it is a part of [ if (specific
AP) { ], but I want to extract the SSID name
in the value of Called-Station-Id, but I'm having trouble not extracting it
well.

I tried to make the if statement look like this, but the result is No
Matches and the IF statement becomes FALSE.

Can you give me advice on how to extract only the SSID from the
Called-Station-Id and branch it?

This is the set IF statement.

if (&Called-Station-Id =~ /.*:authtest$/ ) {
........
}

※authtest is the SSID name that you want to determine

------------Debuglog------------------

Thu Jul 18 12:06:28 2019 : Debug: (5)             } # update control = noop
Thu Jul 18 12:06:28 2019 : Debug: (5)             if (%Called-Station-Id =~
/.*:authtest$/ ) {
Thu Jul 18 12:06:28 2019 : Debug: No matches
Thu Jul 18 12:06:28 2019 : Debug: (5)             if (%Called-Station-Id =~
/.*:authtest$/ )  -> FALSE
Thu Jul 18 12:06:28 2019 : Debug: (5)             else {

2019年7月17日(水) 19:32 Alan DeKok <aland at deployingradius.com>:

> On Jul 17, 2019, at 2:44 AM, Yuya Yanagi <peacefull64 at gmail.com> wrote:
> > There is a request to return the Vlan-id only when connecting to a
> specific
> > AP at the customer's request,
> > and we are struggling to solve the problem.
>
>   You can do dynamic LDAP queries:
>
> authorize {
>         ...
>         if (specific AP) {
>                 update reply {
>                         Tunnel-Private-Group-Id := "%{ldap:... LDAP QUERY
> ....}"
>                 }
>         }
>
> > I'll show you the mods-available/ldap file.
> > I've included mapping file in the update section below, but I want to
> > include additional mapping file for specific AP.(Location of the arrow
> mark)
> > But if you include an if statement, you will get an error [Invalid
> location
> > for 'if'].
>
>   Yes, because the "if" condition isn't allowed there.
>
>   Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list