I want to branch an ldap attribute
Yuya Yanagi
peacefull64 at gmail.com
Thu Jul 18 07:48:50 CEST 2019
Hi,Alan.
There are things that I want to confirm in addition.
update reply {
Tunnel-Private-Group-Id: = "% {ldap: ... LDAP
QUERY ....}"
}
I was asked to propose a method of dynamic LDAP, but I am still
validating, but there is no sign that can be found in the log, and I
am having trouble understanding the status.
When I do this process, is the value of VLANID substituted for
Tunnel-Private-Group-Id in the log?
2019-07-17 19:32 GMT+09:00, Alan DeKok <aland at deployingradius.com>:
> On Jul 17, 2019, at 2:44 AM, Yuya Yanagi <peacefull64 at gmail.com> wrote:
>> There is a request to return the Vlan-id only when connecting to a
>> specific
>> AP at the customer's request,
>> and we are struggling to solve the problem.
>
> You can do dynamic LDAP queries:
>
> authorize {
> ...
> if (specific AP) {
> update reply {
> Tunnel-Private-Group-Id := "%{ldap:... LDAP QUERY ....}"
> }
> }
>
>> I'll show you the mods-available/ldap file.
>> I've included mapping file in the update section below, but I want to
>> include additional mapping file for specific AP.(Location of the arrow
>> mark)
>> But if you include an if statement, you will get an error [Invalid
>> location
>> for 'if'].
>
> Yes, because the "if" condition isn't allowed there.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list