How to allow specific group users only to auth
Alan Buxey
alan.buxey at gmail.com
Wed May 9 20:05:48 CEST 2018
check the LDAP group (make a group that is relevant for device
login)...then for your kit you want to protect, create eg soem client
definition for it
and use unlang eg
client 127.0.0.1 {
...
...
netdevice = yes
..
}
if (&client:netdevice = yes && LDAP-Group != networkmgmt) {
On 9 May 2018 at 17:35, Mohiddin Shaik <kms31786 at gmail.com> wrote:
> Hello Everyone,
>
> We have freeradius server with freeipa server backend for ldap
> authentication.
>
> Currently we able to use and login freeipa ldap accounts using freeradius,
> each every user available on freeipa ldap is able to login in all devices
> where ever we configured freeradius. Some of the devices like network
> devices we want to restricted only specific users (group users) are allowed
> to login.
>
> I a very new to this i tried but i am unable to figure out where should i
> mention/put restriction to check users group and allow to login.
>
> Thanks,
> Mohiddin.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list