> > Maybe... but is ldap xlat yet available in the "users" file ? As > > stated in doc/rlm_ldap I thought it was only "hopefully shortly" > > available ? > > The issue is more that the LDAP module ignores the > operator, and does a simple string compare. The server core > needs to expose an API that does the operator-specific > compare. It's probably not too hard... > > Alan DeKok.
This means either translating a regexp filter to an Ldap filter, or getting the whole set of groups the user belongs to and then do the regexp compare. I'll have a look at the code when I have time (argh... I hate these last 4 words). Thanks, Thibault - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
