Hi Jeremy,
> First, I read the mailinglist; I don't need an additional copy of every mail to it.
>
> Second, trim your inclusions and don't top-post. By not doing so you are
> implying that your time writing is more valuable than my time reading.
sorry for that. It was the damn outlook web access that totally wrapped my mail.
> You've worked out how to use ${extract } to get the userPassword attribute
> from the lookup return; take that and wrap it in a ${listextract } to get the
> first value of the attribute:
>
> ${listextract {1}{attribute_value}}
>
that does the trick.
Now my config looks like this, the double commas are gone and crypteq works as expected:
plain:
driver = plaintext
public_name = PLAIN
server_prompts = :
server_condition = ${if or {\
{crypteq{$auth3}{${listextract{1}{<, ${extract{userPassword}{LDAP_LOOKUP_USER_PLAIN}}}}}}\
{crypteq{$auth3}{${listextract{1}{<, ${extract{adminPassword}{LDAP_LOOKUP_USER_PLAIN}}}}}}\
}{yes}{no}}
server_set_id = $auth2
login:
driver = plaintext
public_name = LOGIN
server_prompts = Username:: : Password::
server_condition = ${if or {\
{crypteq{$auth2}{${listextract{1}{<, ${extract{userPassword}{LDAP_LOOKUP_USER_LOGIN}}}}}}\
{crypteq{$auth2}{${listextract{1}{<, ${extract{adminPassword}{LDAP_LOOKUP_USER_LOGIN}}}}}}\
}{yes}{no}}
server_set_id = $auth1
many thanks,
Daniel
