Hugh,
Works like a charm! One minor change, so i dont have to keep track
of 2 attributes, i just use one as follows:
AuthBy CGate_via_LDAP
StripFromRequestVisi-AuthBy
AddToRequestVisi-AuthBy=LDAP
Hello Jeremy -
AddToRequest is available in the AuthBy GROUP clause, so you could
enclose your AuthBy clauses in AuthBy GROUP's and do it that way. BTW -
you do not need to use an attribute from the dictionary - the request
is just a scratch-pad area in memory that you can use however you like.
Hugh,
Thanks for the idea, but unfortunately the AddToRequest seems to
be out of scope (invalid) in an AuthBy clause. It recognizes it in the
Realm scope, and i tried sequencing them there:
AuthBy Log_SQL
AddToRequestNAS-Port-Id=LDAP2
AuthBy
Hello Jeremy -
Interesting question.
The only thing I can think of is to put an AddToRequest in each of the
AuthBy clauses and logging the contents of both in your AuthLog.
Something like this might work (please let me know if it does):
AuthByPolicy
.
AddToRequest AuthBy1 = L
Greetings,
I'm trying to figure out of theres a way to log which AuthBy clause issued
the Request-Failed via AuthLogSQL. I use a AuthBy LDAP primarily, but if
that times out i fall back to an AuthBy SQL. When an auth attempt gets
rejected, i'd like to know if the AuthBy LDAP timed out and its