>> Alan, the "User" "Change Password" "Administrator" etc., are already part
>> of the LDAP schema (under the attribute securityRole) e.g. >> >> Uid=testuser >> Attribute Value >> securityRole Users Alan DeKok wrote: > The value should have the operator in it. e.g. +=Users is the value you've mentioned in the LDAP schema (LDAP config file)? Or in radiusd.conf? or ldap.attrmap? >> I've modified the file ldap.attrmap as follow (this is the only change >> I've made) >> >> replyItem Login-LAT-Group securityRole >> >> That should work. >> I thought by modifying this line to match the LDAP attribute would return >> all values for the user (testuser) in the LDAP schema. Alan DeKok wrote: > No. The operators are still important. > > Alan DeKok. Alright... so this maybe a misconfiguration in LDAP? -denis - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html