|
|
|---|
| 0 |
-- default 2023-05-12 16:17:27.040000000 +0200 |
0 |
++ ../server-available_default 2023-05-12 16:15:54.616000000 +0200 |
|
|
|---|
| 761 |
if ("%{ldap:ldap:///dc=domain,dc=net?uid?sub?(uid=%{User-Name})}") { |
761 |
|
|
|
762 |
if ("%{ldap:ldap:///dc=domain,dc=net?uid?sub?(macAddress=%{User-Name})}") { |
| 763 |
# For known users as well for known machines we take the vlan-id from the group the user/machine is member of. |
| 764 |
# In case there are assignments for several groups the first vlan-id is automatically taken. |
| 765 |
update request { |
| 766 |
User-Name := "%{ldap:ldap:///dc=domain,dc=net?uid?sub?(macAddress=%{User-Name})}" # The uid attribute in the ldap object is filled with the host name and a trailing dollar sign. |
| 767 |
} |
| 768 |
if ("%{ldap:ldap:///dc=domain,dc=net?univentionVlanId?sub?(&(macAddress=%{User-Name})(univentionObjectType=groups/group)(univentionVlanId=*))}") { |
| 769 |
update reply { |
| 770 |
Reply-Message := "DEBUG: Assigning VLAN-ID from user / computer object" |
| 771 |
Tunnel-Type := VLAN |
| 772 |
Tunnel-Medium-Type := IEEE-802 |
| 773 |
Tunnel-Private-Group-Id := "%{ldap:ldap:///dc=domain,dc=net?univentionVlanId?sub?(&(|(memberUid=%{User-Name})(macAddress=%{User-Name}))(univentionObjectType=groups/group)(univentionVlanId=*))}" |
| 774 |
} |
| 775 |
} |
| 776 |
# If we can't find a matching VLAN ID for the user or machine client in LDAP, we return the default VLAN ID, if configured. |
| 777 |
# If no default vlan-id is configured in ucr we do not return any vlan information |
| 778 |
elsif ("1") { |
| 779 |
update reply { |
| 780 |
Reply-Message := "DEBUG: Not found, assigning default VLAN-ID" |
| 781 |
Tunnel-Type := VLAN |
| 782 |
Tunnel-Medium-Type := IEEE-802 |
| 783 |
Tunnel-Private-Group-Id := "1" |
| 784 |
} |
| 785 |
} |
| 786 |
} |
| 787 |
|
| 762 |
if ("%{ldap:ldap:///dc=domain,dc=net?univentionVlanId?sub?(&(memberUid=%{User-Name})(univentionObjectType=groups/group)(univentionVlanId=*))}") { |
788 |
if ("%{ldap:ldap:///dc=domain,dc=net?uid?sub?(|(uid=%{User-Name})(macAddress=%{User-Name}))}") { |
| 763 |
Tunnel-Private-Group-Id := "%{ldap:ldap:///dc=domain,dc=net?univentionVlanId?sub?(&(memberUid=%{User-Name})(univentionObjectType=groups/group)(univentionVlanId=*))}" |
789 |
if ("%{ldap:ldap:///dc=domain,dc=net?univentionVlanId?sub?(&(|(memberUid=%{User-Name})(macAddress=%{User-Name}))(univentionObjectType=groups/group)(univentionVlanId=*))}") { |
|
|
790 |
Tunnel-Private-Group-Id := "%{ldap:ldap:///dc=domain,dc=net?univentionVlanId?sub?(&(|(memberUid=%{User-Name})(memberUid=%{1}))(univentionObjectType=groups/group)(univentionVlanId=*))}" |