[Patch] rlm_ldap: Allow users to match more than one group
Graham Leggett
minfrin at sharp.fm
Wed Jan 11 12:41:10 CET 2012
Hi all,
If you set up groups in the rlm_ldap module, and a user is found to match more than one group, that user is currently denied access.
For example, you might have a "staff" and "student" group, and a staff member comes along and enrolls as a part time student, suddenly they unexpectedly lose access to radius because they are a member of both groups.
The following patch adds the groupmembership_limit option, defaulting to 1 (the current behavior). It allows you to limit the number of groups a user might be a member of, or remove the limit entirely (set to zero).
Regards,
Graham
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeradius-server-groupmemb_limit.patch
Type: application/octet-stream
Size: 7951 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120111/61aee924/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4365 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120111/61aee924/attachment.bin>
More information about the Freeradius-Users
mailing list