OpenLDAP Groups

Alan DeKok aland at deployingradius.com
Mon Oct 21 15:12:31 CEST 2013


Jean Carlos Coelho wrote:
> Is there some way to configure free radius to use openldap groups?

  Yes.  Use the LDAP-Group attribute to check group membership.

> Like.. My user1 is group ceo and can connect to the wifi lan… but user2
> is at the group "nowifi" and then not allowed to connect at wifi lan.
> And is possible to identify the source of the connection? Some regex
> exp. Like:

  if (Packet-Src-IP-Address == wifi.ip) {
	if (LDAP-Group == "wifi") {
		# ... do things ...
	}
	else {
		reject
	}
  }

  Alan DeKok.


More information about the Freeradius-Users mailing list