LDAP-UserDn is in "control", not "request"

author Alan T. DeKok <aland@freeradius.org>

Tue, 25 Nov 2008 15:31:29 +0000 (16:31 +0100)

committer Alan T. DeKok <aland@freeradius.org>

Tue, 25 Nov 2008 15:31:29 +0000 (16:31 +0100)
author Alan T. DeKok <aland@freeradius.org>
Tue, 25 Nov 2008 15:31:29 +0000 (16:31 +0100)
committer Alan T. DeKok <aland@freeradius.org>
Tue, 25 Nov 2008 15:31:29 +0000 (16:31 +0100)
diff --git a/raddb/modules/ldap b/raddb/modules/ldap

index 2d7d2fd..e9e82db 100644 (file)
--- a/raddb/modules/ldap
+++ b/raddb/modules/ldap
@@ -126,7 +126,7 @@ ldap {
         #  Group membership checking.  Disabled by default.
         #
         # groupname_attribute = cn
-       # groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
+       # groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{control:Ldap-UserDn})))"
         # groupmembership_attribute = radiusGroupName
  
         # compare_check_items = yes
author	Alan T. DeKok <aland@freeradius.org>
	Tue, 25 Nov 2008 15:31:29 +0000 (16:31 +0100)
committer	Alan T. DeKok <aland@freeradius.org>
	Tue, 25 Nov 2008 15:31:29 +0000 (16:31 +0100)