CJ wrote:
> Using 1.1.6 out of FreeBSD ports (no 1.1.7 yet).
>
> Looking to use LDAP-stored attributes conditionally based on hints:
...
> It appears that my User-Profile := `DN` does not go through
> radius_xlat and my %u variable in the check item is never expanded.
> Is this expected behavior?
Yes. Not everything is expanded.
> If I hard-code the DN with the user-name instead of %u it works
> great, but won't solve my problem.
>
> I got the idea from the rlm_ldap doc:
>
> ...it can be set through the hints file in the authorize section:
>
> DEFAULT Ldap-UserDN := `uid=%{User-
> Name},ou=people,dc=company,dc=com`
That works in the "users" file.
> Any thoughts or guidance or clarity on LDAP profile usage appreciated.
Try the current CVS head. See "man unlang". It's ever so much better
than what's in 1.x.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
