LDAP Authentication.

scatmanwalks scatmanwalks at gmail.com
Wed Mar 23 07:18:10 CET 2016


Hi,

I have LDAP authentication working fine, checked and tested.  Incurred a
little problem when integrating with the device, because of EAP, but now
using two-stage with inner-tunnel to get around this.

Now, all that I'm left with, is how to filter out the users.  I have two
filters that I want to use from OpenLDAP.  They are as follows:

accountStatus
enabledService

I want it to check these two variables, and based on the results to accept
or reject the users.  So, firstly, if accountStatus = active, the user will
be accepted.  The second variable enabledService = wifi, if this also
matches, it means they are allowed to use the WIFI network.

I already have the default filter:

        filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"

so not sure if I just need to edit this appropriately, or another way?

Regards


Ian


More information about the Freeradius-Users mailing list