(RADIATOR) Reversing a PreAuthHook
Peter Bates
peter.bates at lshtm.ac.uk
Wed Sep 27 05:40:23 CDT 2006
Hello all...
On Wed, 27 Sep 2006, Hugh Irvine wrote:
> I am not an LDAP expert, so you should check with someone who is (or
> find an LDAP reference manual), but my understanding is that you can
> express negation with the "!" character in a search filter. So
> instead of what you show below, it would look more like this:
>
> (&(%0=%1)(objectClass=inetOrgPerson)(!groupMembership=cn=RADIUS-
> Users<snip>))
>
> You will obviously need to check the syntax and do some testing to
> verify correct operation.
After wrestling with RFC2254, the final syntax was:
(&(%0=%1)(objectClass=inetOrgPerson)(!(groupMembership=cn=<snip>)))
not enough closing brackets and the negating operator
in the wrong place in my earlier attempts!
Thanks again.
------------------------------------------------------------>
Peter Bates, Systems Support Officer, Network Support Team.
London School of Hygiene & Tropical Medicine.
Telephone:0207-958 8353 / Fax: 0207- 636 9838
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list