Hi Ivan, Thanks for the reply. After changing the operator += I am still seeing all the VARRAY in the reply. It should reply back only Sending Access-Accept of id 65 to 216.121.193.1 port 49266
rEntitlements += "WIFILOC1" rAttribute1 = "11111" rCidx = "11111" and not as it is happening now.... auth: type "LDAP" +- entering group LDAP rlm_ldap: - authenticate rlm_ldap: login attempt by "etest300" with password "test123" rlm_ldap: user DN: uid=test1212121 rlm_ldap: (re)connect to xxxxxxxxx:389, authentication 1 rlm_ldap: bind as uid=test1212121/test123 to xxxxxxx:389 rlm_ldap: waiting for bind result ... rlm_ldap: Bind was successful rlm_ldap: user etest300 authenticated succesfully ++[ldap1] returns ok +- entering group post-auth ++[exec] returns noop Sending Access-Accept of id 65 to 216.2.193.1 port 49266 rEntitlements += "webhosting" rEntitlements += "2UP15DWN" rEntitlements += "5UP30DWN" rEntitlements += "WIFILOC1" rAttribute1 = "11111" rCidx = "11111" Finished request 0. Going to the next request Waking up in 4.9 seconds. Cleaning up request 0 ID 65 with timestamp +1 Ready to process requests. Please let me know. Thanks so much in advance. Regards. --- On Wed, 10/8/08, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: From: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Subject: Re: Radius reply multivalue VSA question. To: [email protected] Date: Wednesday, October 8, 2008, 7:18 PM += http://wiki.freeradius.org/Operators Ivan Kalik Kalik Informatika ISP Dana 8/10/2008, "Eric Martell" <[EMAIL PROTECTED]> piše: >Hi, > We are defining custom VSA's for our company. We have ldap configured in freeradius which returns back the VSA's. > >I defined custom VSA in >$freeradius/share/freeradius/dictionary.abc >ATTRIBUTE rEntitlements 113 string > >entitlements is multivalue attribute (vARRAY) in LDAP. > >In the ldap.attrmap it is defined as > >replyItem rEntitlements entitlements == > > >So after the successful authentication, I am getting the rEntitlements back as > >Sending Access-Accept of id 50 to 69.74.69.31 port 1814 > Session-Timeout = 7200 > rEntitlements == "ADMALL" > rEntitlements == "STORE" > rEntitlements == "WEPG" > rEntitlements == "WADM" > rEntitlements == "SDNLD" > rEntitlements == "WIFILOC1" > > >BUT I am looking for ONLY WIFILOC1 for the NAS. NAS will redirect if WIFILOC1 exists. > >Can I do regex in the rEntitlements so freeradius ONLY returns >rEntitlements = "WIFILOC1" and ignore the rest? > >Please let me know. >Thanks in advance. > > > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
