On Tue, 16 Mar 2004, cbhoh wrote:
> Hey guys,
>
> I used Radius with openLDAP, and try to do authentication and then retrieve an
> attribute of
> the object if authenticate successfully.
In freeradius authorization (attribute retrieval) is before authentication
> >From the users file:
> chin Auth-Type := LDAP
> Reply-Message = "Hello, %{Service-Type}",
Check out doc/variables.txt
This should be "Hello, %{reply:Service-Type}"
> Fall-Through = No
>
> The problem is that I can NOT get %{Service-Type} value, i already setup
> radiusd.conf like:
>
> # and sample authorize{} and authenticate{} blocks
> ldap {
> server = "127.0.0.1"
> port = "389"
> basedn = "ou=people,dc=example,dc=com"
> filter = "(uid=%u)"
>
> start_tls = no
>
> access_attr = "radiusServiceType"
Please don't do that.
Read doc/rlm_ldap to understand the purpose of access_attr
>
> dictionary_mapping = ${raddbdir}/ldap.attrmap
> ...
> }
>
> authorize {
> preprocess
> ...
> ..
>
> ldap {
> notfound = return
> }
> }
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
