Riccardo Veraldi wrote: > First I need to extract the CN field (which can be done and I Already > did
You can't *extract* the CN field. You can *compare* the CN field to another value, as shown in the eap.conf file. > and I can set up > a list of allowed CN in hte users file), and after I need to do an LDAP > query to check for authorization. > How can I do the following in this exact order ? You edit the config files so that the "ldap" module is run after the "users" file. > LDAP authorization is tryed first then comes authentication or am I wrong ? Yes. > What I'd need is to extract the CN and check it against LDAP attributes... > How might I do it ? You can't. To do that, you will need to edit the source code to add that feature. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
