Freeradius and Groups

Ben Humpert ben at an3k.de
Sat Jun 6 13:20:18 CEST 2015 

You can place it directly in sites-enabled/default but I prefer to
create a new policy file, put the code in there and in
sites-enabled/default just specify the policy. It keeps everything
clean ;)

2015-06-05 23:03 GMT+02:00 Hossein Rafighi <Hossein.Rafighi at triumf.ca>:
> Thanks for the reply. I will do the upgrade. However, which file/where would
> you add this unlang check? In users, or ....
>
> Hossein
>
> On 6/5/15 10:34 AM, Ben Humpert wrote:
>>
>> All that is required is a tiny unlang check.
>>
>> if (&LDAP-Group == "faculty") {
>> noop
>> }
>> else {
>> reject
>> }
>>
>> However, 2.1.12 only has rudimentary LDAP support. I don't know if
>> that will work on the old version. FR 3.x is much better and
>> additionally offers internal functions for group lookups. To use a
>> very famous quote from Alan "Upgrade to a newer version" :-)
>>
>> 2015-06-05 18:11 GMT+02:00 Hossein Rafighi <Hossein.Rafighi at triumf.ca>:
>>>
>>> Hi,
>>>
>>> I have freeradius-2.1.12-6.el6.x86_64 installed and working like a charm.
>>> I
>>> have multiple groups on a LDAP server students, faculty, visitors, and so
>>> on. I want to configure the radius servre to allow access to faculty
>>> members, but not others. How do I go about that? Does anyone have a
>>> step-by-step recipe?
>>>
>>>
>>> Many thanks in advance,
>>> Hossein Rafighi
>>>
>>> --
>>>   _____  _____   _____  _   _  _   _  ____ Hossein Rafighi
>>> |_   _||  _  \ |_   _|| | | || \_/ ||  __|TRIUMF, 4004 Wesbrook Mall
>>>    | |  | |_|  )  | |  | | | ||     || |__ Vancouver BC, Canada, V6T 2A3
>>>    | |  |  _  /   | |  | \_/ || \_/ ||  __|Voice: (604) 222-1047
>>>    | |  | | \ \  _| |_ |     || | | || |   Fax:   (604) 222-1074
>>>    |_|  |_|  \_\|_____| \___/ |_| |_||_|   Website: http://www.triumf.ca
>>>
>>> -
>>> List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
> --
>  _____  _____   _____  _   _  _   _  ____ Hossein Rafighi
> |_   _||  _  \ |_   _|| | | || \_/ ||  __|TRIUMF, 4004 Wesbrook Mall
>   | |  | |_|  )  | |  | | | ||     || |__ Vancouver BC, Canada, V6T 2A3
>   | |  |  _  /   | |  | \_/ || \_/ ||  __|Voice: (604) 222-1047
>   | |  | | \ \  _| |_ |     || | | || |   Fax:   (604) 222-1074
>   |_|  |_|  \_\|_____| \___/ |_| |_||_|   Website: http://www.triumf.ca
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list