Matt Ashfield wrote:
> Would it make more sense then to use a Perl program instead for the
> authorization and then have that program:
> - verify credentials against ldap.
> - do the regexp matching on the entitlement field?
If it works.
And *please* don't CC me on messages to the list. I *d
PROTECTED]
Sent: Friday, August 01, 2008 8:27 AM
To: [EMAIL PROTECTED]; FreeRadius users mailing list
Subject: Re: groupmembership and vlan assignment
Matt Ashfield wrote:
> Hmmm...welll I was hoping for another way to assign vlans based on ldap
> attributes, but I don't figure on rewriti
Matt Ashfield wrote:
> Hmmm...welll I was hoping for another way to assign vlans based on ldap
> attributes, but I don't figure on rewriting rlm_ldap.
You don't have to rewrite the whole module. Just change 100 lines in
one function.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://
: groupmembership and vlan assignment
Matt Ashfield wrote:
> DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Huntgroup-Name == UNBFWSS,
> unbldap-Ldap-Group =~ .*staff1, Autz-Type := Ldap1, Auth-Type := Ldap1
The LDAP Group checking does *equality* checking, not regular
expression checking. Sorry.
ECTED]; FreeRadius users mailing list
Subject: Re: groupmembership and vlan assignment
Matt Ashfield wrote:
> That's what I was afraid of. Any suggestions to getting around this?
Edit the source code to rlm_ldap to implement regex checks.
Alan DeKok.
-
List info/subscribe/unsubscr
Matt Ashfield wrote:
> That's what I was afraid of. Any suggestions to getting around this?
Edit the source code to rlm_ldap to implement regex checks.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
t: Re: groupmembership and vlan assignment
Matt Ashfield wrote:
> DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Huntgroup-Name == UNBFWSS,
> unbldap-Ldap-Group =~ .*staff1, Autz-Type := Ldap1, Auth-Type := Ldap1
The LDAP Group checking does *equality* checking, not regular
expression checking. Sorry.
Matt Ashfield wrote:
> DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Huntgroup-Name == UNBFWSS,
> unbldap-Ldap-Group =~ “.*staff1”, Autz-Type := Ldap1, Auth-Type := Ldap1
The LDAP Group checking does *equality* checking, not regular
expression checking. Sorry.
Alan DeKok.
-
List info/subscrib
Nobody replied to my original post, and I got to thinking, would I be able
to use wildcards in my users file to achieve this when looking for which
Ldap-Group the user has been placed in?
i.e.
DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Huntgroup-Name == UNBFWSS,
unbldap-Ldap-Group =~ ".*staf
9 matches
Mail list logo