On Tue, 25 May 2004, Michael Schwartzkopff wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> I tried to combine users into groups and use group attributes from LDAP to
> pass on the NAS. But somehow it does not work. First I tried:
>
> DEFAULT Ldap-Group == vlan_20, \
> User-Profile:="uid=vlan_20,ou=profiles,ou=radius,dc=multinet,dc=de"
> Reply-Message = "vlan_20 group",
> Fall-Through = no
>
> with the VLAN id defined in radiusTunnelGroupId of the uid=vlan_20 entity of
> the LDAP. But that does not work. Only the Reply-Message is returned.
Run radiusd in debug mode to see exactly what's happening. Are you sure you have
the files module before the ldap module? If it's the other way around that would
explain the VALN id not being read.
>
> Then I tried the profile_attribute in the ldap section of the radiusd.conf. I
> tried some variations:
>
> profile_attribute = "uid=vlan_20,ou=profiles,ou=radius,dc=multinet,dc=de"
> profile_attribute = "uid=vlan"
> profile_attribute = "uid=%{Ldap-Group},ou=..."
The above will never work. Read the documentation
>
> But nothing worked.
>
> Can anybody give me a hint, where my mistake is? Thanks.
>
> - --
> Dr. Michael Schwartzkopff
> MultiNET Services GmbH
> Bretonischer Ring 7
> 85630 Grasbrunn
>
> Tel: (+49 89) 456 911 - 0
> Fax: (+49 89) 456 911 - 21
> mob: (+49 174) 343 28 75
>
> PGP-ID: 15F925D9CEF94F2C
> Fingerprint: AF27 2674 4631 E230 B431 F68D 15F9 25D9 CEF9 4F2C
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)
>
> iD8DBQFAszZJFfkl2c75TywRAhzCAJwOG2LQ8fC4pQGwbnW4qeSX/SCD+QCdGZc0
> GXi2vwZ37Br26Aw7RaUFdXs=
> =inEn
> -----END PGP SIGNATURE-----
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
