LDAP and groups

is set. I need to authenticate members of a certain groups, and not of another ... Every doc I read mention that you have to create an attribute per user ... Any other way ? Regards, Jean-Francois Gobin - -- Jean-Francois Gobin - Administrateur gobinjf.be http://www.gobinjf.be mailto

Re: Receivin a full DN in a radius request

the source code yourself. We will *not* be accepting patches for something like this. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Jean-Francois Gobin - Administrateur gobinjf.be http://www.gobinjf.be mailto:[EMAIL PROTECTED] - List

Re: Receivin a full DN in a radius request

# do_xlat = yes # access_attr_used_for_allow = yes } On Tue, 13 Sep 2005, Nicolas Baradakis wrote: Jean-Francois Gobin wrote: rlm_ldap: - authorize rlm_ldap: performing user authorization for uid=P06227,ou=people,o=nrb,c=be radius_xlat: '(uid)' radius_xlat

Re: Receivin a full DN in a radius request

=uid), which corresponds to the truncating of my requesting DN. jF On Wed, 14 Sep 2005, Kostas Kalevras wrote: On Wed, 14 Sep 2005, Jean-Francois Gobin wrote: Here is my whole ldap definition : ldap { server = ldap..xxx # identity = cn=admin,o=My Org,c

Re: Receivin a full DN in a radius request

;-) Nope, I'm really logging with P06227. The system formulates it uid=P06227,o=nrb,c=be to the radius. And that's what I want to be forwarded to the ldap server. On Wed, 14 Sep 2005, Alan DeKok wrote: Jean-Francois Gobin [EMAIL PROTECTED] wrote: For now, when I implement your

Re: Receivin a full DN in a radius request

I included them previously. You can see in them that the system sends me what I want. But the FreeRadius doesn't use it like that in the LDAP query. On Wed, 14 Sep 2005, Alan DeKok wrote: Jean-Francois Gobin [EMAIL PROTECTED] wrote: Nope, I'm really logging with P06227. Then you

Re: Receivin a full DN in a radius request

Nope. I posted the config later, that's all. On Wed, 14 Sep 2005, Alan DeKok wrote: Jean-Francois Gobin [EMAIL PROTECTED] wrote: I included them previously. Before you edited your config. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Receivin a full DN in a radius request

Something (from memory) likes filter = (%u) jF On Tue, 13 Sep 2005, Nicolas Baradakis wrote: Jean-Francois Gobin wrote: rlm_ldap: - authorize rlm_ldap: performing user authorization for uid=P06227,ou=people,o=nrb,c=be radius_xlat: '(uid)' radius_xlat: ' ' rlm_ldap: ldap_get_conn

Receivin a full DN in a radius request

can find, nothing helped. Regards, Jean-Francois Gobin -- Jean-Francois Gobin - Administrateur gobinjf.be http://www.gobinjf.be mailto:[EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Receivin a full DN in a radius request

modcall: group authorize returns fail for request 1 So, the error is between the radius receives the packet and the rtm_ldap sends the packet to the server. It seems that radius_xlat truncates my username. On Mon, 12 Sep 2005, Nicolas Baradakis wrote: En réponse à Jean-Francois Gobin