[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: I want to branch an ldap attribute
From:       Coy Hile <coy.hile () coyhile ! com>
Date:       2019-07-25 1:17:02
Message-ID: 0C249546-4056-475E-A023-F0BA735BA370 () coyhile ! com
[Download RAW message or body]


Please don't ever bemoan your skill with English. I assure you it is much better than \
many native English speakers (myself included!) would fare in a great many languages, \
especially when discussing technical topics. 


Sent from my iPhone

> On Jul 24, 2019, at 20:16, 西村暢敦 / NISHIMURA，NOBUATSU \
> <nobuatsu.nishimura.dg@ps.hitachi-solutions.com> wrote: 
> Thanks Alan and Matthew.
> 
> I'm sorry, my English is not good.
> 
> Solved with the following.
> 
> -------
> #! /bin/sh 
> # /usr/sbin/ldapvlan 
> 
> ldapsearch -x -LLL -h 10.0.0.xx -b dc=edu,dc=imc,dc=com \ 
> -D cn=master,dc=edu,dc=imc,dc=com -W mypasswd \ 
> '(uid='${1}')' radiusTunnelPrivateGroupId | sed -n 's/radiusTunnelPrivateGroupId: \
>                 //p' 
> -------
> 
> And then in the default faile I have
> 
> authorize {
> ...
> if (specific AP) {
> update reply {
> Tunnel-Private-Group-Id := "%{exec:/usr/sbin/ldapvlan %{User-Name}}"
> }
> }
> 
> We have got vlanid.
> 
> thanks
> 
> n.n
> 
> -----Original Message-----
> From: Freeradius-Users \
> <freeradius-users-bounces+nobuatsu.nishimura.dg=ps.hitachi-solutions.com@lists.freeradius.org> \
>                 On Behalf Of Alan DeKok
> Sent: Monday, July 22, 2019 7:56 PM
> To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>
> Subject: [!]Re: I want to branch an ldap attribute
> 
> > On Jul 22, 2019, at 5:02 AM, 西村暢敦 / NISHIMURA，NOBUATSU \
> > <nobuatsu.nishimura.dg@ps.hitachi-solutions.com> wrote: authorize {
> > ...
> > if (specific AP) {
> > update reply {
> > Tunnel-Private-Group-Id := \
> > %{ldap:ldap:///ou=Users,dc=edu,dc=kkc,dc=imc,dc=com?uid?sub?uid=%u(radiusTunnelPrivateGroupId)}
> >  }
> > }
> > 
> > It will be an error. Do you understand the cause?
> 
> You need to quote the string, as I said to do.  See "man unlang" for documentation.
> 
> if (specific AP) {
> update reply {
> Tunnel-Private-Group-Id := \
> "%{ldap:ldap:///ou=Users,dc=edu,dc=kkc,dc=imc,dc=com?uid?sub?uid=%u(radiusTunnelPrivateGroupId)}"
>  }
> }
> 
> > Please tell me the solution.
> 
> Read the documentation.
> 
> > Below is my debug output
> 
> You're using "radiusd -Xx" when ALL of the documentation, and posts EVERY DAY on \
> this list say to use "radiusd -X" 
> If you're going to ignore the documentation, you will have a hard time configuring \
> the server. 
> Alan DeKok.
> 
> 
> -
> List info/subscribe/unsubscribe? See \
> https://clicktime.symantec.com/32xxRgbgA7qGH5v3rGs5yjb7Vc?u=http%3A%2F%2Fwww.freeradius.org%2Flist%2Fusers.html
>  
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]