I am using rlm_ldap (2.0.0-pre2) to check an account for being valid in AD.
This works.
As I am only interested in one attribute from AD, it would be
sufficient, if rlm_ldap would only use "filter" to dive into AD once.
How could I prevent rlm_ldap from "Entering ldap_groupcmp()" ?
Setting
groupname_attribute = NULL
groupmembership_filter = NULL
only results in an error message "Bad search filter"
.....
rlm_ldap: looking for check items in directory...^M
rlm_ldap: LDAP attribute primaryGroupID as RADIUS attribute Group-Name
== "515"^M
rlm_ldap: looking for reply items in directory...^Mrlm_ldap: user
host/28tef004.ww006.mycomany.net authorized to use remote access^M
rlm_ldap: ldap_release_conn: Release Id: 0^M
++[ldap] returns ok^M
How to prevent entering this function??
rlm_ldap: Entering ldap_groupcmp()^M
expand: DC=MYCOMPANY,dc=NET -> DC=MYCOMPANY,dc=NET^M
expand: NULL -> NULL^M
.....
Norbert Wegener
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
