I want to branch an ldap attribute
Alan DeKok
aland at deployingradius.com
Fri Jul 19 12:57:06 CEST 2019
On Jul 18, 2019, at 10:33 PM, 西村暢敦 / NISHIMURA,NOBUATSU <nobuatsu.nishimura.dg at ps.hitachi-solutions.com> wrote:.
>
>
> I want to get vlanId (radiusTunnelPrivateGroupId) of the user I want to authenticate.
> Ldap query How should I write?
See LDAP documentation for how to write LDAP queries.
Then, paste the query into the FreeRADIUS configuration.
>> You can do dynamic LDAP queries:
>>
>> authorize {
>> ...
>> if (specific AP) {
>> update reply {
>> Tunnel-Private-Group-Id := "{ldap:ldap:///ou=Users,dc=edu,dc=com,uid?sub?radiusTunnelPrivateGroupId?}"
That isn't correct. The expansion uses %{...}.
>> }
>> }
> → Failed parsing expanded string
Post the debug output. There is just *no* reason for failing to do this.
> Is there a description method?
There's lots of documentation for both FreeRADIUS and for LDAP.
> Can I get vlan registered in ldap with any uid?
That's a question for LDAP, not FreeRADIUS.
Alan DeKok.
More information about the Freeradius-Users
mailing list