On 2013-07-16 16:46, Heikki Vatiainen wrote: > On 07/16/2013 12:03 PM, Alexander Hartmaier wrote: > >> AuthAttrDef mobile,GENERIC,request >> AuthAttrDef mail,GENERIC,request >> AuthAttrDef memberof,GENERIC,request >> >> This results in error messages in the log: >> Tue Jul 16 08:49:46 2013: ERR: Bad attribute=value pair: n...@fqdn.org >> Tue Jul 16 08:49:46 2013: ERR: Bad attribute=value pair: +4312345678 > GENERIC expects the values fetched from LDAP to be in > 'AttributeName=value' format. Maybe this would work better: > > AuthAttrDef mobile,mobile,request > AuthAttrDef mail,mail,request > AuthAttrDef memberof,memberof,request Thanks, that did the trick! > >> Is this because mobile and mail are not in the dictionary? > No. Dictionary is only required if the attribute and its value need to > be packed in the network transfer format. That is, numbers instead of > attribute names etc. Makes sense. > >> Why isn't the error also thrown for memberof? > Most likely because the memberof LDAP attribute value is in CN=... > format. When attribute is added in the request, CN is taken as the > attribute name and the rest (...) as the value. Yeah, I guess it's even memberof=CN=,memberof=CN= and therefore worked as well. > > Thanks, > Heikki >
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien Handelsgericht Wien, FN 79340b *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* Notice: This e-mail contains information that is confidential and may be privileged. If you are not the intended recipient, please notify the sender and then delete this e-mail immediately. *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator