Restrict access to certain groups
kevin leblanc
kevinzebeste at gmail.com
Tue Feb 10 13:54:07 CET 2009
To remember : I want only user1 can access to host1.
To illustrate it:
root
|
------------------
| |
hosts users
| |
-------- ----------
| | |
host1 user1 user2
|
| members:
|
user1
I find a possible way.
in radiusd.conf, I put:
groupname_attribute = "cn"
group_membership_filter =
(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))
In the users file, I put:
Ldap-Group == "XXXXX" Auth-Type:= LDAP
XXXXX will be the IP/hostname of the host which try to connect.
Is there any variable like %{LDAP-UserDN} which could give me this
information ??
thanks for any help
--
KeV
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090210/bd606cd5/attachment.html>
More information about the Freeradius-Users
mailing list