Extracting a value from an LDAP attribute
Nick Porter
nick at portercomputing.co.uk
Thu Feb 2 11:02:54 UTC 2023
On 02/02/2023 10:54, florentvercourt at gmail.com wrote:
> I want to extract the number of the vlan, to affect it to "
> Tunnel-Private-Group-Id" attribute. With the given example, I want to only
> have "13" stored in " Tunnel-Private-Group-Id".
>
>
>
> I tried that in the ldap module :
>
> update {
>
> control:Password-With-Header += 'userPassword'
>
> reply:Tunnel-Private-Group-ID := 'schacUserStatus'
>
> }
>
>
>
> However, with this solution I retrieve
> "urn:mace:terena.org:schac:userStatus:FR:vlan:13+mode=manuel" in"
> Tunnel-Private-Group-Id".
If the returned value always matches the same kind of format, I would
suggest using a regex to extract the relevant part, so, after the call
to the ldap module something like:
if (&reply:Tunnel-Private-Group-ID =~ /vlan:([0-9]+)/) {
update reply {
&Tunnel-Private-Group-ID := "%{1}"
}
}
That's looking for any digits after vlan: in the returned value - you
will have to understand the possible formats of the returned data to
know whether that will work.
Nick
--
Nick Porter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20230202/87baea34/attachment.sig>
More information about the Freeradius-Users
mailing list