Alan DeKok wrote:
> <[EMAIL PROTECTED]> wrote:
> > I try to use FreeRADIUS 0.7 with the LDAP module to return the value of LDAP-
> > UserDN on successful authentication.
> >
> > The users file looks as follows:
> >
> > DEFAULT Auth-Type := ldap
> > User-Name := "%{ldap-userdn}",
>
> That doesn't work with 0.7. The dynamic translation of strings is
> only in the latest CVS snapshots.
>
> > The Access-Accept reply has the following form:
> >
> > rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=61, length=79
> > User-Name = "%{ldap-userdn}"
> > Reply-Message = "cn=RANK,o=Uni-Passau"
> >
> > It seems that the variable ldap-userdn does not get expanded for the User-Name
> > reply item.
>
> Not really. ONLY the Reply-Message attribute is expanded. No other
> attributes are expanded.
>
> > What can I do to return the ldap-userdn in the User-Name reply item?
>
> Grab the latest CVS snapshot, and do:
>
> DEFAULT Auth-Type := ldap
> User-Name := `%{ldap-userdn}`,
> Reply-Message := `%{ldap-userdn}`
> Fall-Through = No
>
>
> And it should work.
I installed freeradius-snapshot-20020909. The users file is now:
DEFAULT Auth-Type := ldap
User-Name := `%{ldap-userdn}`,
Reply-Message := `%{ldap-userdn}`,
Fall-Through = No
and the Access-Accept reply is now:
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=104, length=24
User-Name = ""
Reply-Message = ""
It still seems not to work. Are there some additional things to modify when
working with the CVS snapshot?
Christian
----------
Dr. Christian Rank
Rechenzentrum Universit�t Passau
Innstr. 33
D-94032 Passau
GERMANY
Tel.: 0851/509-1838
Fax: 0851/509-1802
PGP public key see http://www.rz.uni-passau.de/mitarbeiter/rank
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
