Hi.
I'm assigning profiles from ldap to User-Profile and I have a corner case
where a user can actually have multiple profiles which returns more then one
record and nothing gets assigned to User-Profile. Is there a way to specify
sizelimit for a ldap lookup to 1?
thanks
Martin
-
List info/sub
Dear Arran,
Much thanks! It works!
Okis
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 4 Sep 2013, at 05:05, Okis Chuang wrote:
> Hi all,
>
> I’m using FR 2.2.0 with Oracle 11g.
>
> Now I’m collecting Accounting records into Oracle DB with sql xlat which call
> a function in PL/SQL.
> For example in debug mode it expands like below
Hi all,
I'm using FR 2.2.0 with Oracle 11g.
Now I'm collecting Accounting records into Oracle DB with sql xlat which
call a function in PL/SQL.
For example in debug mode it expands like below:
"%{sql:select wifi_acct.onlineStart(..., '%{Class[*]}',..) from du
On 14 Jun 2013, at 22:36, Go WiFi wrote:
> can you tell what files you need??
> and the code i am giving is form sql configurations file to simulate this
>
> according to your instruction i changed the file like
>
> sql sql2{
> sql_user_name = "%{sql_inst2:select s.* from (select @user:=BINARY
can you tell what files you need??
and the code i am giving is form sql configurations file to simulate this
according to your instruction i changed the file like
sql sql2{
sql_user_name = "%{sql_inst2:select s.* from (select @user:=BINARY
'%{User-Name}' p) parm , upm s}"
}
and in
sql sql_gowifi
On 14 Jun 2013, at 20:21, Go WiFi wrote:
> ok after a close look at the debug i found the log
> [sql_gowifi] WARNING: Unknown module "sql2" in string expansion "%"
> [sql_gowifi] sql_set_user escaped user --> ''
>
> it's not able to find the module sql2 but in my config the very first line is
On Sat, Jun 15, 2013 at 12:42:49AM +0530, Go WiFi wrote:
> also i denied to give the full code as it's part of my confidential company
> files if i give the full code then someone might get the details about the
> table structure
Sorry, 'Go', but nobody here cares about your confidential files.
I
ok after a close look at the debug i found the log
[sql_gowifi] WARNING: Unknown module "sql2" in string expansion "%"
[sql_gowifi] sql_set_user escaped user --> ''
it's not able to find the module sql2 but in my config the very first line
is sql sql2 {
-
List info/subscribe/unsubscribe? See http:
sql sql2 {
}
sql sql_gowifi{
driver = "rlm_sql_mysql"
# Connection info:
server = "localhost"
#port = 3306
login = "dbuser"
password = "pass"
radius_db = "radius"
# Print all SQL statements when in debug mode (-x)
sqltrace = yes
sqltracefile = ${logdir}/custom.sql
# number of sql connections to
On 14 Jun 2013, at 19:07, Go WiFi wrote:
> this is the section i am having issues
> so i don't think it's needed to post the full config
if you want help, post the full sql config sans queries and any sensitive
information.
> also there is nothing special in debug just the sql_user_name field
Go WiFi wrote:
> this is the section i am having issues
> so i don't think it's needed to post the full config
If you're smarter than the experts on this list, you can figure it out
for yourself.
Or, if you're not going to follow instructions, you shouldn't be
asking questions on this list.
this is the section i am having issues
so i don't think it's needed to post the full config
also there is nothing special in debug just the sql_user_name field is blank
also i managed to write some sql functions to archive the same
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/l
On 14 Jun 2013, at 18:22, Go WiFi wrote:
> Hello
> i am getting an issue with xlat
>
> i tried this
>
> sql sql2 {
>
> }
>
> sql sql_gowifi{
> sql_user_name = "%{sql2:select s.* from (select @user:=BINARY '%{User-Name}'
> p) parm , upm
Hello
i am getting an issue with xlat
i tried this
sql sql2 {
}
sql sql_gowifi{
sql_user_name = "%{sql2:select s.* from (select
@user<https://github.com/user>:=BINARY
'%{User-Name}' p) parm , upm s}"
}
and using sql_gowifi in sites-enabled/default for mysql based l
Stanislav Lorenc wrote:
> is there some way how to iterate over xlat sql query result ?
Perl.
> For example: I need send for user multiple ipv6 prefixes and they are
> stored in sql table and each prefix is represented by record in table.
> Query return for example 4 rows.
>
Hi,
is there some way how to iterate over xlat sql query result ?
For example: I need send for user multiple ipv6 prefixes and they are
stored in sql table and each prefix is represented by record in table.
Query return for example 4 rows.
update reply {
Framed-IPv6-Prefix
Hi,
Right now, the Ldap-Group will only contain the first group of the list.
(1) use a different attribute. Using LDAP-Group is wrong.
(2) the %{ldap:...} query returns a one-line string. You *cannot*
have it return more data. You *cannot* automatically create multiple
attributes fro
Francois Gaudreault wrote:
> I have an LDAP xlat query to populate the Ldap-Group attribute
No.
You can't do that.
LDAP-Group is a *comparison* operator. It's meaning and behavior is
defined. It does LDAP queries to check group membership against the
string you return.
Hi,
Simple question here :
I have an LDAP xlat query to populate the Ldap-Group attribute in order
to do crazy stuff with the group membership (out of scope to explain you
what kind of crazy stuff). The issue I have is that the query may
return multiple group membership lines.
update
On Wed, Apr 18, 2012 at 7:34 AM, Eric Geier wrote:
> Will xlat and SQL queries work inside the Secret value in clients.conf? If
> so, what version of FR was this added?
I don't think so.
However, if you only want to lookup client's secret from DB, have you
look at raddb/sites-a
Will xlat and SQL queries work inside the Secret value in clients.conf? If
so, what version of FR was this added?
Thanks, Eric
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Am 13.04.2012 18:48, schrieb Matthew Newton:
> Hi,
>
> On Fri, Apr 13, 2012 at 05:23:22PM +0200, Alan DeKok wrote:
>> Jan Weiher wrote:
>>> I had some sparetime and was able to have a deeper look at it. What I
>>> did is basically running freeradius -X and then hup'd it until it got
>>> borked. Se
Hi,
On Fri, Apr 13, 2012 at 05:23:22PM +0200, Alan DeKok wrote:
> Jan Weiher wrote:
> > I had some sparetime and was able to have a deeper look at it. What I
> > did is basically running freeradius -X and then hup'd it until it got
> > borked. Seems to me like the mschap module gets somehow lost d
Jan Weiher wrote:
> I had some sparetime and was able to have a deeper look at it. What I
> did is basically running freeradius -X and then hup'd it until it got
> borked. Seems to me like the mschap module gets somehow lost during the hup:
That's enough to tell what's going on.
Try grabbing
"thepassword"
[pap] Using NT encryption.
[pap] WARNING: Unknown module "mschap" in string expansion "%"
[pap] mschap xlat failed
[pap] Passwords don't match
++[pap] returns reject
Failed to authenticate the user.
But, the message "Unkown module" is strange, becau
Matthew Newton wrote:
> I've just replicated the problem by repeatedly HUPping freeradius,
> with about 10 second gaps between. On the 8th or so try, the same
> issue hit. Stopping and starting FR fixed it.
Maybe valgrind helps. It doesn't say anything for me...
> I'm wondering if the mschap m
> So that seems to indicate it's the HUP that causes the problem.
Okay, I thought it might me the config a.k.a "me"...
I think I'm going to modify the logrotate script until this issue is fixed.
best,
Jan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Thu, Apr 12, 2012 at 04:45:56PM +0200, Jan Weiher wrote:
> Am 12.04.2012 16:32, schrieb Matthew Newton:
> > I'll dig a bit more, but the easy solution is to change the
> > logrotate script to restart, rather than reload/HUP.
> >
>
> Yes, that would be a solution for me as well, because when lo
Hi,
Am 12.04.2012 16:32, schrieb Matthew Newton:
>
> I'll dig a bit more, but the easy solution is to change the
> logrotate script to restart, rather than reload/HUP.
>
Yes, that would be a solution for me as well, because when logrotate
runs, the freeradius server is basically idle, but I don
Hi,
On Thu, Apr 12, 2012 at 03:59:56PM +0200, Jan Weiher wrote:
> I've got a strange problem with FR 2.1.12, sometimes (not always) when
> logrotate ran, freeradius goes bonkers and responds to every pap request
> with "mschap xlat failed". Restarting FR fixes this magica
with FR 2.1.12, sometimes (not always) when
>> logrotate ran, freeradius goes bonkers and responds to every pap request
>> with "mschap xlat failed". Restarting FR fixes this magically and all
>> works fine again. I created a small and hackish script, which restarts
>&
On 04/12/2012 09:59 AM, Jan Weiher wrote:
Hi,
I've got a strange problem with FR 2.1.12, sometimes (not always) when
logrotate ran, freeradius goes bonkers and responds to every pap request
with "mschap xlat failed". Restarting FR fixes this magically and all
works fine again. I
Hi,
I've got a strange problem with FR 2.1.12, sometimes (not always) when
logrotate ran, freeradius goes bonkers and responds to every pap request
with "mschap xlat failed". Restarting FR fixes this magically and all
works fine again. I created a small and hackish script, which r
issue is resolved. It was about type of ldap columns.
we set attribute and ldap columns both to string, and it worked.
Thanks.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/xlat-errors-filter-logs-tp5614816p5617794.html
Sent from the FreeRadius - User mailing list
Hello,
I am adding custom attributes and replicate or proxy them to other radius
servers.
But I also want to log this operation.
I test it via sql xlat. ( I will also use ldap xlat, I think they will be
same like "%ldap: ." )
For example, I am waiting 20 digit number from my qu
Of course!
Didnt instantiate it properly!
Thanks!
On Fri, Aug 26, 2011 at 9:31 AM, Arran Cudbard-Bell <
a.cudba...@freeradius.org> wrote:
>
> >
> > Here is the module:
> > sql sql_local {
> > database = "mysql"
> > driver = "rlm_sql_${database}"
> > server = "localhost"
>
>
> Here is the module:
> sql sql_local {
> database = "mysql"
> driver = "rlm_sql_${database}"
> server = "localhost"
> login = "radius"
> password = ""
> radius_db = "radius-MAB"
> read_groups = no
> sqltrace =
known module "sql_local" in
> string expansion "%"
> Thu Aug 25 16:52:56 2011 : Info: ? Evaluating ("%{sql_local:SELECT
> COUNT(mac) FROM authorized_macs WHERE mac ='%{Calling-Station-ID}'}" > 0) ->
> FALSE
> Thu Aug 25 16:52:56 2011 : Info: ++? if (&
tion-ID}'}" > 0) -> FALSE
> Thu Aug 25 16:52:56 2011 : Info: ++? if ("%{sql_local:SELECT COUNT(mac) FROM
> authorized_macs WHERE mac ='%{Calling-Station-ID}'}" > 0) -> FALSE
> ...
>
> As far as I can understand the documenta
o: ++? if ("%{sql_local:SELECT COUNT(mac) FROM
authorized_macs WHERE mac ='%{Calling-Station-ID}'}" > 0) -> FALSE
...
As far as I can understand the documentation this should be working (
http://wiki.freeradius.org/Rlm_sql#SQL+xlat). Any helpful hand which can
bring so
On 17/05/2011 22:28, Frank Dornheim wrote:
Dear FreeRADIUS users,
i try to migrate my radius setup to LDAP.
I use mainly the informations from "Frank Ranner"
(http://lists.cistron.nl/pipermail/freeradius-users/2007-September/msg00205.html).
Today i have a problem to understan
Dear FreeRADIUS users,
i try to migrate my radius setup to LDAP.
I use mainly the informations from "Frank Ranner"
(http://lists.cistron.nl/pipermail/freeradius-users/2007-September/msg00205.html).
Today i have a problem to understand the xlat statement in the "hint" file:
Sven Hartge wrote:
> Yeah, I thought so. Another thought: Are those lists fully available to the
> perl module? Maybe then I could just dump the %hashes to disk to examine
> them.
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok wrote:
> Sven Hartge wrote:
>> Just out of curiosity: is there an easy way to see the whole contents
>> of all lists while debugging?
> Not really. It's a *lot* of data.
Yeah, I thought so. Another thought: Are those lists fully available to the
perl module? Maybe then I could just
Sven Hartge wrote:
> Just out of curiosity: is there an easy way to see the whole contents of
> all lists while debugging?
Not really. It's a *lot* of data.
It's possible to patch the server to do this. If you do it, send us
the patch. :)
Alan DeKok.
-
List info/subscribe/unsubscribe? Se
Alan DeKok wrote:
> Sven Hartge wrote:
> ...
>> | update request {
>> | GIFB-NetzAccStatus :=
>> "%{ldap:ldap:///dc=fh-giessen-friedberg,dc=de?GIFB-NetzAccStatus?sub?uid=%u}";
>> | GIFB-Status :=
>> "%{ldap:ldap:///dc=fh-giessen-friedberg,dc=de?GIFB-Status
Sven Hartge wrote:
...
> | update request {
> | GIFB-NetzAccStatus :=
> "%{ldap:ldap:///dc=fh-giessen-friedberg,dc=de?GIFB-NetzAccStatus?sub?uid=%u}";
> | GIFB-Status :=
> "%{ldap:ldap:///dc=fh-giessen-friedberg,dc=de?GIFB-Status?sub?uid=%u}";
...
> Now, fo
Hi all!
I am using freeradius 2.1.10 (from backports) on a Debian Lenny server
to authenticate wireless users using EAP and normal users (from Ascend
NAS and ASA5510) with CHAP and PAP and so on.
My backend is a LDAP directory (OpenLDAP).
So far, everything is fine and working great.
My questio
Hi list,
>>
>> So this should work? ATM I am nearly sure that this could never work,
>> since the 1st query will deliver the string, that rlm_sql should expand
>> with another query.
>>
>> But it would be great if it will work :-)
>
> rlm_sql does recu
On 20/4/09 09:34, Uwe Kastens wrote:
Arran,
If I try to use sql xlat I will get the answer:
Error: rlm_sql: Failed to create the pair: Unknown value %{sql:SELECT
disctime.time FROM `disctime` WHERE disctime.user = %{User-Name}} for
attribute Session-Timeout
Sun Apr 19 20:11:03 2009 : Error
Arran,
>> If I try to use sql xlat I will get the answer:
>> Error: rlm_sql: Failed to create the pair: Unknown value %{sql:SELECT
>> disctime.time FROM `disctime` WHERE disctime.user = %{User-Name}} for
>> attribute Session-Timeout
>> Sun Apr 19 20:11:03 2009
my request.
>
> If I try to use sql xlat I will get the answer:
> Error: rlm_sql: Failed to create the pair: Unknown value %{sql:SELECT
> disctime.time FROM `disctime` WHERE disctime.user = %{User-Name}} for
> attribute Session-Timeout
> Sun Apr 19 20:11:03 2009 : Error:
Hello list,
I am trying to use some internal database function to calculate the
Session-Timeout.
If I set the value for Session-Timeout to a integer like 123, its
correctly delivered as answer to my request.
If I try to use sql xlat I will get the answer:
Error: rlm_sql: Failed to create the
Eric Geier wrote:
> But even without using a raw attribute, the SQL xlat rule doesn't work, such
> as:
>
> client 192.168.0.1/32 {
> secret = "%{sql:SELECT secret FROM APs WHERE NAS-Identifier='blah'"
That doesn't work. Not only that, noth
> >I've googled for it. Plus someone here had mentioned "rlm_raw and use
> it
> >with a SQL xlat rule". I think I'm doing that, but it's not working.
> Please
> >let me know what might be holding it up.
> >
>
> Lack of rlm_raw? Tha
>I've googled for it. Plus someone here had mentioned "rlm_raw and use it
>with a SQL xlat rule". I think I'm doing that, but it's not working. Please
>let me know what might be holding it up.
>
Lack of rlm_raw? That doesn't come with the server.
&
> >I can't get SQL xlat to work in the Clients file. I'm trying to do a
> DB
> >query for the Shared Secret.
> >
>
> And where did you find that it should work?
I've googled for it. Plus someone here had mentioned "rlm_raw and use it
with a SQL x
>I can't get SQL xlat to work in the Clients file. I'm trying to do a DB
>query for the Shared Secret.
>
And where did you find that it should work?
>I'm getting invalid Message-Authenticator (Shared secret is incorrect)
>errors.
You should fix client secret to
I can't get SQL xlat to work in the Clients file. I'm trying to do a DB
query for the Shared Secret.
I'm getting invalid Message-Authenticator (Shared secret is incorrect)
errors.
The select statement works fine when ran on my DB server.
Have any suggestions?
Thanks, Eric
-
List
Tons of thanks.
Venkatesh. K
On Sat, Nov 29, 2008 at 9:14 PM, Alan DeKok <[EMAIL PROTECTED]> wrote:
> Venkatesh K wrote:
>> Hello,
>>
>> I would like to send a reply based on an attribute(s) in request
>> config-items. It seems, from unlang man page, this is not supported.
>
> Use "control"
>
>
Venkatesh K wrote:
> Hello,
>
> I would like to send a reply based on an attribute(s) in request
> config-items. It seems, from unlang man page, this is not supported.
Use "control"
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
I would like to send a reply based on an attribute(s) in request
config-items. It seems, from unlang man page, this is not supported.
Any thoughts or ideas?
Thanks,
Venkatesh. K
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
(which means depending on the
CallingStation-Id parameter). So I have a separate table in which
CallingStation-Ids and Filter-Ids are mapped.
That should work.
> Now if I put that query in the Filter-Id, the XLAT function doesn't get
executed:
==In
(which means depending on the
> CallingStation-Id parameter). So I have a separate table in which
> CallingStation-Ids and Filter-Ids are mapped.
That should work.
> Now if I put that query in the Filter-Id, the XLAT function doesn't get
> executed:
> ==In radreply
-Id parameter). So I have a separate table in which
CallingStation-Ids and Filter-Ids are mapped.
For example:
mysql> select service from userinfo where username='ljupco' limit 1;
+-+
| service |
+-+
| net1|
+-+
Now if I put that query in the Filter
Alan DeKok wrote:
> Arran Cudbard-Bell wrote:
>
>> alternate values arnt being parsed correctly in xlat strings involving
>> modules.
>>
>
> It doesn't work. It's not intended to work, because ":-" is a
> perfectly valid string
Arran Cudbard-Bell wrote:
> alternate values arnt being parsed correctly in xlat strings involving
> modules.
It doesn't work. It's not intended to work, because ":-" is a
perfectly valid string to pass to a module. ":-" only works for attributes.
> Wh
Hi,
Another small xlat parsing error,
alternate values arnt being parsed correctly in xlat strings involving
modules.
update request {
Supplicant-Flags = "%{sql_clients:SELECT
EXPORT_SET(master.supplicant_flags,'1','0','',10) FROM `master` WH
Alan DeKok wrote:
> Arran Cudbard-Bell wrote:
>> In that case it would be really useful to be able to use conditionals in
>> instantiate...
>
> As always, patches are welcome.
And there will be ! Though that is dependent on me getting time to learn
c *properly*. Unfortunately most of my time
Arran Cudbard-Bell wrote:
> In that case it would be really useful to be able to use conditionals in
> instantiate...
As always, patches are welcome.
i.e. there are higher priority items before 2.0.0 comes out. Maybe
for 2.0.1.
Alan DeKok.
--
http://deployingradius.com - The web
Alan DeKok wrote:
> Arran Cudbard-Bell wrote:
>> Appears virtual modules can't be used with dynamic expansion.
>
> They can't. They're just used to avoid repetitive cut & paste,
> nothing more.
>
> Alan DeKok.
> --
> http://deployingradius.com - The web site of the book
> http://de
Arran Cudbard-Bell wrote:
> Appears virtual modules can't be used with dynamic expansion.
They can't. They're just used to avoid repetitive cut & paste,
nothing more.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
Appears virtual modules can't be used with dynamic expansion.
WARNING: Unknown module "redundant_sql_clients" in string expansion
"%{redundant_sql_clients:SELECT
EXPORT_SET(master.nas_flags,'1','0','',20) FROM `master` WHERE ip1 =
'%{1}' AND ip2 = '%{2}' AND ip3 = '%{3}' AND ip4 = '%{4}' LIMIT
groupmembership_filter =
"(&(objectClass=posixGroup)(|(gidNumber=${gid})(memberUid=%{Stripped-User-Name:-%{User-Name}})))"
do_xlat = yes
...
}
Debugging output:
rlm_ldap: Entering ldap_groupcmp()
radius_xlat: 'dc=domain,dc=com'
radius_xlat: Running registered xlat
Arran Cudbard-Bell wrote:
> Aha, so the significance of the back ticks is .
> That the string will be sent through radius_xlat ?
Yes. See doc/variables.txt, I believe.
> And this is true for reply attributes in all the 'files' processed files ?
>
> Or is this a special feature of rlm_sql
Alan DeKok wrote:
> Arran Cudbard-Bell wrote:
>
>> Dynamic expansion of reply items in SQL is broken
>> in current cvs head.
>>
>> Reply-Message = "Welcome %{User-Name} At wherever"
>>
>
> Use:
>
> Reply-Message = `...`
>
> In 1.x, Reply-Message was *always* run through radius_xlat.
Arran Cudbard-Bell wrote:
> Dynamic expansion of reply items in SQL is broken
> in current cvs head.
>
> Reply-Message = "Welcome %{User-Name} At wherever"
Use:
Reply-Message = `...`
In 1.x, Reply-Message was *always* run through radius_xlat. In 2.0,
it's done only if you ask it to.
A
Arran Cudbard-Bell wrote:
> Dynamic expansion of reply items in SQL is broken
> in current cvs head.
>
> Reply-Message = "Welcome %{User-Name} At wherever"
I'd suggest to try using back quotes in the table of reply items:
Reply-Message = `Welcome %{User-Name} At wherever`
--
Nicolas Baradakis
Sorry,
Another one for the list.
Dynamic expansion of reply items in SQL is broken
in current cvs head.
Reply-Message = "Welcome %{User-Name} At wherever"
Is printed as
Welcome %{User-Name} At wherever
Instead of Welcome Fluffy At Wherever.
Thanks,
Arran
--
Arran Cudbard-Bell ([EMAIL PROTECT
Kenneth Marshall wrote:
...
> DEFAULT Auth-Type = Kerberos, NAS-IP-Address == x.y.z.g
> Class = "OU=%{ldap:ldap:///dc=rice,dc=edu?Class?sub?uid=%u}";
>
> The problem is that that this does not work unless I define a specific
> instance for the xlat process.
em is that that this does not work unless I define a specific
instance for the xlat process. This does not allow it to failover to
the working server. Does anyone have any ideas about how to implement
such functionality?
Ken Marshall
-
List info/subscribe/unsubscribe? See http://www.freeradiu
> Andriy Gapon wrote:
>> Is it possible to add something like %{Attr-Name[*]} that would expand
>> to all values of an attribute and something like %{Attr-Name[#]} that
>> would expand to number of attribute instances ?
>
> This works in the CVS head. I'm not sure why it isn't in 1.1.1.
Alan,
Andriy Gapon <[EMAIL PROTECTED]> wrote:
> Is it possible to add something like %{Attr-Name[*]} that would expand
> to all values of an attribute and something like %{Attr-Name[#]} that
> would expand to number of attribute instances ?
This works in the CVS head. I'm not sure why it isn't in 1.1
FreeRAIUS documentation in 1.1.1 mentions a possibility of referencing
specific AVPs in case of multiple instances of an attribute
(%{Attr-Name[N]}).
This is quite useful (and a nice addition!), but it doesn't seem to
cover some situations (especially related to logging/accounting) where
number of
Jan-Piet Mens <[EMAIL PROTECTED]> wrote:
> > The LDAP attribute is supposed to be an IP address, not a string
> > that requires more processing before it becomes an IP address.
>
> Would it be possible and can you please give me a hint, perhaps a pointer to
> documentation?
I'm not sure what
On Tue Apr 19 2005 at 18:46:49 CEST, Alan DeKok wrote:
> Jan-Piet Mens <[EMAIL PROTECTED]> wrote:
> > and correctly returns Reply-Message = "JP 1.1.1.1" to the client,
> > but this doesn't work:
> >
> > radiusFramedIPAddress:
> > "%{ldap1:ldap:///dc=retail-sc,dc=com?cn?sub?uid=su00-%n}";
>
Jan-Piet Mens <[EMAIL PROTECTED]> wrote:
> and correctly returns Reply-Message = "JP 1.1.1.1" to the client,
> but this doesn't work:
>
> radiusFramedIPAddress:
> "%{ldap1:ldap:///dc=retail-sc,dc=com?cn?sub?uid=su00-%n}";
The LDAP attribute is supposed to be an IP address, not a string
t
I'm using FreeRadius 1.0.1 on Linux RHES3 and would like to return
a dynamically constructed Framed-IP-Address. Unfortunately, I can't
get xlat to work correctly for that.
This works when in a user's LDAP entry:
radiusReplyItem: Reply-Message += "JP
%{ldap1:ldap://
I couldn't find a bug report on this, so please point me in the right
direction if this has been raised before. freeradius 1.0.1. Haven't
fully checked 1.0.2 yet, but it doesn't appear in the changelog.
There appears to be a "bug" in xlat.c (radius_xlat/decode_attribute)
where recursion doesn't
On Mon, 17 Jan 2005 11:43:51 -0500, Alan DeKok <[EMAIL PROTECTED]> wrote:
> Red Cayenne <[EMAIL PROTECTED]> wrote:
> I mean that your sql xlat function needs to call radius_xlat, too.
> How else will it expand the variables passed to your function?
>
> Print out the
Red Cayenne <[EMAIL PROTECTED]> wrote:
> Thanks, this got me going. I got a clue that radius_xlat should call
> itself to do the substitution, however I'm uncertain how to do this.
I mean that your sql xlat function needs to call radius_xlat, too.
How else will it expand the
On Sun, 16 Jan 2005 11:46:52 -0500, Alan DeKok <[EMAIL PROTECTED]> wrote:
> Read the original sql_xlat function, and see what the differences
> are between it and your function.
>
> Odds are you're not calling radius_xlat.
>
> Alan DeKok.
Thanks, this got me going. I got a clue that radius
Red Cayenne <[EMAIL PROTECTED]> wrote:
> I wrote a custom xlat sql function (my setup is with mysql backend),
> registered it, and radius_xlat gets the function running. However,
> variables in query are not replaced with attribute values... So my
> question is: what did I do wro
Hi,
I wrote a custom xlat sql function (my setup is with mysql backend),
registered it, and radius_xlat gets the function running. However,
variables in query are not replaced with attribute values... So my
question is: what did I do wrong? :)
sql.conf :
test_query = "SELECT id
detail
sql
}
How i can configure Freeradius without rewriting "#" char
or without using xlat for some pairs?
--
Lance
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
96 matches
Mail list logo
