[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: Freeradius 3. How to stop processing when ldap got the successful match.
From: Alan DeKok <aland () deployingradius ! com>
Date: 2020-08-24 11:22:53
Message-ID: C36F5408-E44E-457A-8985-7D6C0526B2D1 () deployingradius ! com
[Download RAW message or body]
On Aug 24, 2020, at 5:44 AM, Ramon Escribà Lemiña <escriba@cells.es> wrote:
> in my old working freeradius 2.1, on /etc/raddb/sites-available/default, in \
> authorize section I have an ldap
> declaration to allow a successful match to stop any extra authorization process.
>
> So only gets the actual attributes got from ldap to answer the query discarding \
> adding other/default new ones stored in users files.
> "files" is after "ldap" in this case.
>
> VLANxxx {
> ok = return
> }
>
> On freeradius 3.0.17 this seems now working anymore, so it finally add the default \
> "users" file attributes. "files" is the last catch all too here.
That should work. It works here in the latest code, and we have automated tests \
for it in src/tests/keywords/ok-return. And that test hasn't changed since at least \
3.0.17.
> How can I tell freeradius 3 to stop processing, and get the already got ldap return \
> values as the good ones??
Show the full debug log. Maybe something else is happening.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic