Freeradius-Users Digest, Vol 196, Issue 8
Alan DeKok
aland at deployingradius.com
Sun Aug 8 14:13:02 CEST 2021
On Aug 8, 2021, at 7:44 AM, Valery Kayukov <kayukovvalery at gmail.com> wrote:
>
> Thank you for your help. By the way I use 3.0.17 version.
You should really upgrade. We have packages for 3.0.23 on http://packages.networkradius.com
> I have fixed that
> but still have this problem with LDAP groups:
> Sun Aug 8 11:36:22 2021 : Debug: # Instantiating module "files" from
> file /etc/raddb/mods-enabled/files
> Sun Aug 8 11:36:22 2021 : Debug: reading pairlist file
> /etc/raddb/mods-config/files/authorize
> Sun Aug 8 11:36:22 2021 : Error:
> /etc/raddb/mods-config/files/authorize[10]: Parse error (check) for entry
> DEFAULT: Unknown name "LDAP-Group"
> Sun Aug 8 11:36:22 2021 : Error: Failed reading
> /etc/raddb/mods-config/files/authorize
> Sun Aug 8 11:36:22 2021 : Error: /etc/raddb/mods-enabled/files[9]:
> Instantiation failed for module "files"
>
> I have read the /etc/raddb/README.rst file about LDAP-Group but still not
> getting how to apply it.
>
> In /etc/raddb/mods-config/files/authorize file I have following:
> #LDAP NetEng team members
> DEFAULT LDAP-Group == "cn=neteng,ou=system
> groups,ou=Groups,dc=company,dc=net"
> Service-Type = "Administrative-User",
> cisco-avpair := "shell:roles=network-admin,vdc-admin",
> cisco-avpair += "shell:priv-lvl=15",
> Filter-Id = ":group_name=neteng;"
>
> In /etc/raddb/sites-available/default config:
> authorize {
> ...
> ldap-server-a
It would help to describe what you're doing.
If you've renamed the LDAP module, then the LDAP group information is in the <LDAP-NAME>-LDAP-Group attribute.
See the Wiki for documentation. Just type "LDAP-Group" into the search bar. This is documented.
Alan DeKok.
More information about the Freeradius-Users
mailing list