Help with configuring for multiple DC for LDAP
Wayne Sprouse
wayne.sprouse at lbsdk12.com
Thu Apr 10 14:51:03 UTC 2025
I want to set up my FreeRADIUS server to check the supplied user name and
decide which DC to use for authentication. I have tried using the following
code in my authorize section of a custom sites-enabled file.
    # Check if the User-Name contains an email
    if ("%{User-Name}" =~ /@(.+)$/) {
        # Extract domain from email and store in email_domain
        set email_domain = "%{1}"
        # Conditionally set dc based on the domain
        if ("%{email_domain}" == "student.madeupdomain.com") {
            update control {
                LDAP-Base-DN := "dc=student,dc=madeupdomain,dc=com"
            }
        }
        else {
            update control {
                LDAP-Base-DN := "dc=madeupdomain,dc=com"
            }
        }
    }
With this code in the custom file, the server gives the error message:
Expecting section start brace '{' after "set email_domain". I have tried
adding a start brace before the if statement to assign the DC to use, but
that has made no difference. To check, I tried ChatGPT and put this code
in. ChatGPT says the code is correct.
Wayne Sprouse
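
Added example, not part of the original post and not FreeRADIUS project code: one way to write the domain check from the message above in FreeRADIUS 3.x unlang, where a value is stored with an update block and a captured group is read as %{1}. The module instance names ldap_student and ldap_staff are assumptions; each would be a separate instance of the ldap module with its own server and base_dn.

```unlang
# Added example for FreeRADIUS 3.x; not the poster's code.
# ldap_student and ldap_staff are assumed names for two instances of the
# ldap module (declared as "ldap ldap_student { ... }" and
# "ldap ldap_staff { ... }"), each pointing at its own server and base_dn.
authorize {
    # Capture everything after the "@" in the user name.
    if (&User-Name =~ /@(.+)$/) {
        # Store the capture: %{1} is overwritten by the next regex match.
        update control {
            &Tmp-String-0 := "%{1}"
        }

        # Pick the directory by domain. This comparison is case-sensitive.
        if (&control:Tmp-String-0 == "student.madeupdomain.com") {
            ldap_student
        }
        else {
            ldap_staff
        }
    }
    # User names without "@" fall through without an LDAP lookup,
    # as in the original snippet.
}
```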