LDAP groups and attributes

Jethro Carr jethro.carr at jethrocarr.com
Wed Mar 10 12:56:01 CET 2010

On Thu, 2010-03-04 at 17:28 +1300, Peter Lambrechtsen wrote:
> Jethro
> The eaist way is as per what I e-mailed to you.
> http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg00001.html
> This means you only need to create groups in your LDAP directory.  It
> also means you don't need to extend the LDAP Schema to do this.
> And use the Postauth_users & Host Groups file to determine which
> server you are allowed to login from.
> I have yet to find a better or easier way to do things.

Many thanks to Peter as well as John, Robert and others who replied.

The solution at the URL above worked well for me and my FreeRadius
deployment is able to fetch radius attributes from both the user or the
group the user belongs to.

Thanks for the help guys! :-)


Jethro Carr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100311/9e825e75/attachment.pgp>

More information about the Freeradius-Users mailing list