Multiple LDAP Configurations on a single freeradius daemon

Nils Cant nils.cant at eservglobal.com
Tue Mar 10 15:59:10 CET 2009


Hi,

I'm looking for the best way of configuring freeradius (either version
1.1.3 or version 2.1.1) with two separate LDAP configurations.

The reason for this, is we've got two different NAS' (VPN client and
WIFI) both querying freeradius with LDAP backend for authentication and
authorization, but we want to be able to control access to both services
with an ldap "accessTo" attribute:

ldap {
  server = "10.0.0.2"
  identity = "uid=radiusadmin,ou=system,dc=test,dc=com"
  password = "radiustest"
  basedn = "dc=test,dc=com"

filter="(&(|(accessTo=WIFI_FR)(accessTo=WIFI_ALL))(uid=%{Stripped-User-Name:-%{User-Name}}))"

  base_filter = "(objectclass=radiusprofile)"


...

Anybody got any suggestions on how to have two ldap configurations (two
different filters) and have those assigned to a NAS/Client?


Thanks in advance,

Nils




More information about the Freeradius-Users mailing list