> > Am I missing something or is this setup impossible with > Ldap-Groups ? > > You are missing something. > > Ldap-Group is not a real attribute that's copied to the config items. > It's a "virtual" attribute. At runtime, the right-hand-side of the > comparison is searched for in the LDAP directory.
Ok, that was what I missed indeed. However, I haven't seen it in the rlm_ldap doc file: your last paragraph is worth adding to this file I think ;-) > There's no way to do what you want currently. Source code > changes and/or > clever use of the ldap xlat might do it (see doc/rlm_ldap) Maybe... but is ldap xlat yet available in the "users" file ? As stated in doc/rlm_ldap I thought it was only "hopefully shortly" available ? Thanks a lot for your answer. Regards, Thibault Le Meur - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
