On 8/7/09 15:07, Alan DeKok wrote:
> You can map that VLAN number to a server-side attribute. Then, copy
> it to the correct tunnel attribute when you want.
>
> e.g. map it to Tmp-String-0, (ldap.attrmap), and then do:
>
>
> if (... i want to send vlan) {
> update reply {
> Tunnel-Private-Group-Id = "%{Tmp-String-0}"
> ...
> }
> }
OK getting closer...
ldap.attrmap contains:
replyItem Tmp-String-0 destinationindicator
post-auth section contains:
if ((!reply:Tmp-String-0) || (reply:Tmp-String-0 == "")) {
update reply {
Tunnel-Private-Group-Id = "666"
}
}
else {
update reply {
Tunnel-Private-Group-Id = "%{Tmp-String-0}"
}
}
debug output shows:
++? if ((!reply:Tmp-String-0) || (reply:Tmp-String-0 == ""))
?? Evaluating !(reply:Tmp-String-0) -> TRUE
?? Evaluating (reply:Tmp-String-0 == "") -> FALSE
++? if ((!reply:Tmp-String-0) || (reply:Tmp-String-0 == "")) -> FALSE
++- entering else else
expand: %{Tmp-String-0} ->
So Tmp-String-0 supposedly is there, and isn't empty, but I cant get the
data out of it.
In the packet back it is set to:
Tunnel-Private-Group-Id:0 = ""
What am I missing?
Steve
--
Steven Carr
Systems Development Officer
SLS/ITS/Systems - (0191) 515 3953
signature.asc
Description: OpenPGP digital signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
