On 16/09/10 10:16, Eric Doutreleau wrote:
thanks for your replay
here what i did
in the ldap.attrmap i put
checkItem User-Category eduPersonPrimaryAffiliation
checkItem means "put the attribute into the check/config items list".
Looking at the source code, I see that rlm_ldap can't update the request
item list.
in the user file i did
DEFAULT
Tunnel-Type := VLAN,
Tunnel-Medium-Type := IEEE-802,
Tunnel-Private-Group-Id = 901,
Fall-Through = Yes
DEFAULT User-Category == "student"
Reply-Message = "Your a member of the student Group",
Tunnel-Private-Group-Id = 902
This means "match User-Category in the request items list", which is not
the list you've put it in.
"files" syntax cannot do comparisons against check/config or reply
items, and LDAP can only put items into check/config or reply. You will
therefore have to use an "unlang" syntax as per my previous email:
authorize {
...
ldap
if (control:User-Category == ...) {
...
}
}
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
