General Question..
Kris Benson
kbenson at sd57.bc.ca
Thu Aug 18 19:48:57 CEST 2005
FreeRadius users mailing list <freeradius-users at lists.freeradius.org> on
August 17, 2005 at 15:47 -0800 wrote:
>Can we use Radius/LDAP to do this.
>What I was hope we can do is as follow:
>everyone will get one user-id/password But for every service we will
>create
>a boolean attribute. All services, dialup/wireless/vpn/etc will use one
>radius server for both Auth(authenticate/authorize).
>The question is can FreeRadius(or any radius) be configured to as the
>LDAP
>for the correct service attribute and give access both base on the
>user-id/password and what the value of the services?
Sort of.
The best bet is to use the LDAP "posixgroup" objectclass -- then you can
force certain radius clients to require a specific group membership.
Let me know when you get closer to implementation and I can help you with
some config files.
-kb
--
Kris Benson, CCP, I.S.P.
Technical Analyst, District Projects
School District #57 (Prince George)
More information about the Freeradius-Users
mailing list