Dynamic VLAN attribute in LDAP or AD?
Gary Gatten
Ggatten at waddell.com
Tue Aug 18 20:43:59 CEST 2009
Hello, thanks for taking the time to read this. And thanks in advance
for the prompt replies!
I've read nearly all the docs and How To's I could find and none of them
(so far) address this. If I find an answer I'll be more than happy to
draft a How To as I would suspect this a desired solution.
So, I'm trying to use 802.1x dynamic VLAN assignment. I have this
working when I conf the "users" file. However, I don't want to
create/maintain the users file for 2,000 users!
Is there an attribute in AD / LDAP I can use for the dynamic VLAN?
Ideally I could do this at the "Group" level, such that when a user
moves from one group to another their automagically assigned to the
correct VLAN. If that's not possible, I COULD do it at the user level,
but again kinda a hassle to maintain.
Any thoughts / opinions would be GREATLY appreciated! In the mean time
I'll keep reading!
PS: The How To's have helped a LOT so far just getting to the point I'm
at! Without them it would've taken me 10x longer!
<font size="1">
<div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'>
</div>
"This email is intended to be reviewed by only the intended recipient
and may contain information that is privileged and/or confidential.
If you are not the intended recipient, you are hereby notified that
any review, use, dissemination, disclosure or copying of this email
and its attachments, if any, is strictly prohibited. If you have
received this email in error, please immediately notify the sender by
return email and delete this email from your system."
</font>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090818/5076b988/attachment.html>
More information about the Freeradius-Users
mailing list