radius x509 authentication + LDAP ? [SEC=UNCLASSIFIED]
Riccardo Veraldi
Riccardo.Veraldi at cnaf.infn.it
Mon May 26 21:14:27 CEST 2008
Alan DeKok wrote:
> Riccardo Veraldi wrote:
>
>> I will try to put all the people I do not want to authenticate to a
>> specific LDAP group,
>> anyway I do not know how to do it using the users file to reject a
>> specific LDAP group
>>
>
> You use the LDAP-Group attribute to match the users, and then set
> Auth-Type to reject.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
I would like to add a control to users file in which O and OU field of
certificate are checked,
so I can reject users not belonging to a certain OU. Do I have to modify
tls.c ?
Might you give me a small hint about the source files involved ?
thank you
Riccardo
More information about the Freeradius-Users
mailing list