<[EMAIL PROTECTED]> wrote:
> I try to use FreeRADIUS 0.7 with the LDAP module to return the value of LDAP-
> UserDN on successful authentication.
>
> The users file looks as follows:
>
> DEFAULT Auth-Type := ldap
> User-Name := "%{ldap-userdn}",
That doesn't work with 0.7. The dynamic translation of strings is
only in the latest CVS snapshots.
> The Access-Accept reply has the following form:
>
> rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=61, length=79
> User-Name = "%{ldap-userdn}"
> Reply-Message = "cn=RANK,o=Uni-Passau"
>
> It seems that the variable ldap-userdn does not get expanded for the User-Name
> reply item.
Not really. ONLY the Reply-Message attribute is expanded. No other
attributes are expanded.
> What can I do to return the ldap-userdn in the User-Name reply item?
Grab the latest CVS snapshot, and do:
DEFAULT Auth-Type := ldap
User-Name := `%{ldap-userdn}`,
Reply-Message := `%{ldap-userdn}`
Fall-Through = No
And it should work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
