post-auth | ldap-group | huntgroup
Markus Demmert (BESITEC-DEHAM)
MDemmert at besitec.com
Fri Feb 5 09:10:54 CET 2021
Good day,
I have problems to get this running:
------------------------------------------------------------------------------------------
if (Huntgroup-Name == "cisco-group") {
if (Ldap-Group == "Group_Network_Device_RW") {
update reply {
cisco-avpair = "shell:priv-lvl=15"
}
}
}
else {
reject
}
-----------------------------------------------------------------------------------------
I get this debug output:
-----------------------------------------------------------------------------------------
(0) [ldap] = ok
(0) } # Auth-Type LDAP = ok
(0) # Executing section post-auth from file /etc/freeradius/3.0/sites-enabled/ldap-network
(0) post-auth {
(0) if (Huntgroup-Name == "cisco-group") {
(0) ERROR: Failed retrieving values required to evaluate condition
(0) else {
(0) [reject] = reject
-----------------------------------------------------------------------------------------
When I remove the huntgroup line it is working and I can authenticate against a network device. But in combination with the huntgroup I get this error.
What I am doing wrong? Can someone point me in the right direction.
Many thanks,
MaDe
More information about the Freeradius-Users
mailing list