I put a value toto in supannaffectation which does not exist as a pool name
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
users: Matched DEFAULT at 199
users: Matched DEFAULT at 227
users: Matched DEFAULT at 254
modcall[authorize]: module "files" returns ok for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for fred
...
rlm_ldap: performing search in ou=people,ou=u2,dc=univ,dc=fr, with filter (uid=fred)
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding supannaffectation as Pool-Name, value toto & op=21
rlm_ldap: Adding ntPassword as NT-Password, value CF835867E40871E2C625A51ABFA4F8F5 & op=21
rlm_ldap: Adding lmPassword as LM-Password, value B2D6BDED78797D0125AD3B83FA6627C7 & op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user fred authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type ldap
auth: type "LDAP"
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_ldap: - authenticate
rlm_ldap: login attempt by "fred" with password "xxxxxxxxxxxxxxx"
rlm_ldap: user DN: uid=fred,ou=people,ou=u2,dc=univ,dc=fr
rlm_ldap: (re)connect to 127.0.0.1:389, authentication 1
rlm_ldap: bind as uid=fred,ou=people,ou=u2,dc=univ,dc=fr/xxxxxxxxxxxxxxx to 127.0.0.1:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: user fred authenticated succesfully
modcall[authenticate]: module "ldap" returns ok for request 0
modcall: group Auth-Type returns ok for request 0
Login OK: [fred] (from client localhost port 1813)
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 0
modcall[post-auth]: module "ScEco" returns noop for request 0
modcall[post-auth]: module "IUT" returns noop for request 0
modcall[post-auth]: module "Medecine" returns noop for request 0
modcall[post-auth]: module "Esil" returns noop for request 0
modcall[post-auth]: module "Pharo" returns noop for request 0
modcall[post-auth]: module "Sciences" returns noop for request 0
modcall[post-auth]: module "Pharmacie" returns noop for request 0
modcall[post-auth]: module "OSU" returns noop for request 0
modcall[post-auth]: module "IM2" returns noop for request 0
modcall[post-auth]: module "STAPS" returns noop for request 0
modcall[post-auth]: module "DEF" returns noop for request 0
modcall: group post-auth returns noop for request 0
Sending Access-Accept of id 65 to 127.0.0.1:32781
Framed-MTU = 1500
Framed-Protocol = PPP
Framed-Compression = Van-Jacobson-TCP-IP
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 65 with timestamp 419dbb54
Nothing to do. Sleeping until we see a request.
in 199 of users: DEFAULT Service-Type == Framed-User, Pool-Name := "DEF_pool" in 227
DEFAULT Auth-Type = ldap
Fall-Through = 1
in 254DEFAULT Framed-Protocol == PPP
Framed-MTU = 1500,
Framed-Protocol = PPP,
Framed-Compression = Van-Jacobson-TCP-IPKostas Kalevras a écrit :
On Fri, 19 Nov 2004, fred Dominique wrote:
Works well (on debug). But I've juste two more questions:
1. I would like to have a catch all definition if suppannaffectation gives a non existing pool-name
I put this in users:
DEFAULT Service-Type == Framed-User, Pool-Name := "DEF_pool"
Framed-MTU = 1500,
Fall-Through = Yes
but didn't work
You should have the files module *before* the ldap module in the authorize section for this to work.
2. I would like the pool-name to be case insensitive, so it will work for SCECO or ScEco
Is it possible?.
Not that much. What you could probably do is lowercase the Pool-Name and use that one for the ippool module instance name.
-- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Dominique fred Ingénieur Système Réseau CISCAM Pole Réseau
Université de la Méditerranée http://annuaire.univ.fr/showuser.php?uid=fred
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
