LDAP Group Default
Brian Candler
b.candler at pobox.com
Fri Nov 18 12:25:14 CET 2016
On 18/11/2016 10:46, Albert K wrote:
> Hi,
>
> I have want to the login user to be authorized according to their user
> grouping in Microsoft AD and also a catch all default. At the moment I am
> testing with two DEFAULT. Is it possible to do a Catch all DEFAULT. My
> example below only catch non hod group. Any help would be much
> appreciated. Thank you.
>
>
>
The first match causes subsequent matches to be skipped, unless you also
set Fall-Through = Yes. So you can just change it to:
>
> DEFAULT Ldap-Group == "cn=hod,cn=users,dc=smartoptz,dc=com"
> Tunnel-Type = VLAN,
> Tunnel-Medium-Type = IEEE-802,
> Tunnel-Private-Group-Id = "30"
>
> DEFAULT
> Tunnel-Type = VLAN,
> Tunnel-Medium-Type = IEEE-802,
> Tunnel-Private-Group-Id = "40"
>
More information about the Freeradius-Users
mailing list