LDAP group child domain

Alan DeKok aland at deployingradius.com
Sat Nov 10 15:26:29 CET 2012


Menard, Yannick wrote:
> The problem I am have now is; If I have a user group with the same name
> in my primary domain (tata) and in my child domain (toto.tata), the
> freeradius does not seems to see the difference (for exemple the domain
> users group).

  That's how it works, unfortunately.

> What I would like to do is write it like that:
> 
> DEFAULT Ldap-Group == “cn=groupname, ou=OUofGroup, dc=toto, dc=tata”

  No.  The LDAP group is the name of the group.  Nothing else.

> If anyone got some insight on how to solve this problem, I would greatly
> appreciate.

  If you want to query two domains, you'll need to configure two LDAP
modules.

  Alan DeKok.


More information about the Freeradius-Users mailing list