|
0 |
-- default 2023-05-12 16:17:27.040000000 +0200 |
0 |
++ ../server-available_default 2023-05-12 16:15:54.616000000 +0200 |
|
761 |
if ("%{ldap:ldap:///dc=domain,dc=net?uid?sub?(uid=%{User-Name})}") { |
761 |
|
|
|
762 |
if ("%{ldap:ldap:///dc=domain,dc=net?uid?sub?(macAddress=%{User-Name})}") { |
763 |
# For known users as well for known machines we take the vlan-id from the group the user/machine is member of. |
764 |
# In case there are assignments for several groups the first vlan-id is automatically taken. |
765 |
update request { |
766 |
User-Name := "%{ldap:ldap:///dc=domain,dc=net?uid?sub?(macAddress=%{User-Name})}" # The uid attribute in the ldap object is filled with the host name and a trailing dollar sign. |
767 |
} |
768 |
if ("%{ldap:ldap:///dc=domain,dc=net?univentionVlanId?sub?(&(macAddress=%{User-Name})(univentionObjectType=groups/group)(univentionVlanId=*))}") { |
769 |
update reply { |
770 |
Reply-Message := "DEBUG: Assigning VLAN-ID from user / computer object" |
771 |
Tunnel-Type := VLAN |
772 |
Tunnel-Medium-Type := IEEE-802 |
773 |
Tunnel-Private-Group-Id := "%{ldap:ldap:///dc=domain,dc=net?univentionVlanId?sub?(&(|(memberUid=%{User-Name})(macAddress=%{User-Name}))(univentionObjectType=groups/group)(univentionVlanId=*))}" |
774 |
} |
775 |
} |
776 |
# If we can't find a matching VLAN ID for the user or machine client in LDAP, we return the default VLAN ID, if configured. |
777 |
# If no default vlan-id is configured in ucr we do not return any vlan information |
778 |
elsif ("1") { |
779 |
update reply { |
780 |
Reply-Message := "DEBUG: Not found, assigning default VLAN-ID" |
781 |
Tunnel-Type := VLAN |
782 |
Tunnel-Medium-Type := IEEE-802 |
783 |
Tunnel-Private-Group-Id := "1" |
784 |
} |
785 |
} |
786 |
} |
787 |
|
762 |
if ("%{ldap:ldap:///dc=domain,dc=net?univentionVlanId?sub?(&(memberUid=%{User-Name})(univentionObjectType=groups/group)(univentionVlanId=*))}") { |
788 |
if ("%{ldap:ldap:///dc=domain,dc=net?uid?sub?(|(uid=%{User-Name})(macAddress=%{User-Name}))}") { |
763 |
Tunnel-Private-Group-Id := "%{ldap:ldap:///dc=domain,dc=net?univentionVlanId?sub?(&(memberUid=%{User-Name})(univentionObjectType=groups/group)(univentionVlanId=*))}" |
789 |
if ("%{ldap:ldap:///dc=domain,dc=net?univentionVlanId?sub?(&(|(memberUid=%{User-Name})(macAddress=%{User-Name}))(univentionObjectType=groups/group)(univentionVlanId=*))}") { |
|
|
790 |
Tunnel-Private-Group-Id := "%{ldap:ldap:///dc=domain,dc=net?univentionVlanId?sub?(&(|(memberUid=%{User-Name})(memberUid=%{1}))(univentionObjectType=groups/group)(univentionVlanId=*))}" |