Re: groupmembership and vlan assignment

2008-08-05 Thread Alan DeKok
Matt Ashfield wrote: > Would it make more sense then to use a Perl program instead for the > authorization and then have that program: > - verify credentials against ldap. > - do the regexp matching on the entitlement field? If it works. And *please* don't CC me on messages to the list. I *d

RE: groupmembership and vlan assignment

2008-08-05 Thread Matt Ashfield
PROTECTED] Sent: Friday, August 01, 2008 8:27 AM To: [EMAIL PROTECTED]; FreeRadius users mailing list Subject: Re: groupmembership and vlan assignment Matt Ashfield wrote: > Hmmm...welll I was hoping for another way to assign vlans based on ldap > attributes, but I don't figure on rewriti

Re: groupmembership and vlan assignment

2008-08-01 Thread Alan DeKok
Matt Ashfield wrote: > Hmmm...welll I was hoping for another way to assign vlans based on ldap > attributes, but I don't figure on rewriting rlm_ldap. You don't have to rewrite the whole module. Just change 100 lines in one function. Alan DeKok. - List info/subscribe/unsubscribe? See http://

re: groupmembership and vlan assignment

2008-07-31 Thread Matt Ashfield
: groupmembership and vlan assignment Matt Ashfield wrote: > DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Huntgroup-Name == UNBFWSS, > unbldap-Ldap-Group =~ .*staff1, Autz-Type := Ldap1, Auth-Type := Ldap1 The LDAP Group checking does *equality* checking, not regular expression checking. Sorry.

RE: groupmembership and vlan assignment

2008-07-30 Thread Matt Ashfield
ECTED]; FreeRadius users mailing list Subject: Re: groupmembership and vlan assignment Matt Ashfield wrote: > That's what I was afraid of. Any suggestions to getting around this? Edit the source code to rlm_ldap to implement regex checks. Alan DeKok. - List info/subscribe/unsubscr

Re: groupmembership and vlan assignment

2008-07-30 Thread Alan DeKok
Matt Ashfield wrote: > That's what I was afraid of. Any suggestions to getting around this? Edit the source code to rlm_ldap to implement regex checks. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: groupmembership and vlan assignment

2008-07-30 Thread Matt Ashfield
t: Re: groupmembership and vlan assignment Matt Ashfield wrote: > DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Huntgroup-Name == UNBFWSS, > unbldap-Ldap-Group =~ .*staff1, Autz-Type := Ldap1, Auth-Type := Ldap1 The LDAP Group checking does *equality* checking, not regular expression checking. Sorry.

Re: groupmembership and vlan assignment

2008-07-28 Thread Alan DeKok
Matt Ashfield wrote: > DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Huntgroup-Name == UNBFWSS, > unbldap-Ldap-Group =~ “.*staff1”, Autz-Type := Ldap1, Auth-Type := Ldap1 The LDAP Group checking does *equality* checking, not regular expression checking. Sorry. Alan DeKok. - List info/subscrib

RE: groupmembership and vlan assignment

2008-07-28 Thread Matt Ashfield
Nobody replied to my original post, and I got to thinking, would I be able to use wildcards in my users file to achieve this when looking for which Ldap-Group the user has been placed in? i.e. DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Huntgroup-Name == UNBFWSS, unbldap-Ldap-Group =~ ".*staf