Thanks so much Alan. Really Appreciated your help.
It did work for single return value. Please check the log. I searched the
following thread for multiple attributes but it did not have right logic
without changing data.
http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg19275.html
As we do not control the change of ldap data as it is legacy.
For ldap multiple attributes I am getting ONLY first value.
rlm_ldap: LDAP attribute roleid as RADIUS attribute rCidx = "111111"
rlm_ldap: LDAP attribute entitlements as RADIUS attribute rEntitlements =
"test1"
rlm_ldap: LDAP attribute entitlements as RADIUS attribute rEntitlements =
"test2"
rlm_ldap: LDAP attribute entitlements as RADIUS attribute rEntitlements =
"test3"
rlm_ldap: LDAP attribute roleid as RADIUS attribute rCidx = "111111"
WARNING: No "known good" password was found in LDAP. Are you sure that the
user is configured correctly?
rlm_ldap: user 0014F846C199 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
++[ldap] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
rad_check_password: Found Auth-Type Accept
rad_check_password: Auth-Type = Accept, accepting the user
Login OK: [0014F846C199/<via Auth-Type = Accept>] (from client samir port 0)
Sending Access-Accept of id 21 to 216.2.193.1 port 20070
rEntitlements = "test1"
rCidx = "111111"
Alan DeKok <[EMAIL PROTECTED]> wrote: Eric Martell wrote:
> I am using NTRadPing to test the authorization.
> I see in the log, radius attribute is mapped to ldap attribute and
> returning valid value
> rlm_ldap: LDAP attribute roleid as RADIUS attribute rCidx = "111111"
>
> but I did not see it in the Sending Access-Accept reply to NAS.
Attributes between 1 and 255 can go into a packet. Attributes greater
than that cannot go into a packet.
You will need to define a vendor-specific dictionary for your
attribute. See share/dictionary.*
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
---------------------------------
OMG, Sweet deal for Yahoo! users/friends: Get A Month of Blockbuster Total
Access, No Cost. W00t
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html