LDAP OU based authentication

Tom Yard tomyyard at gmail.com
Tue Oct 30 15:27:39 CET 2018


Dear people, I have a Freeradius 2.2.5 authenticating against Active
Directory (LDAP).

Past week, the AD contained groups and users, and in freeradius I used this
option OK and I could authenticate users belonging to WiFi group with the
corresponding User-Name:

If (LDAP-Group == "WiFi") ...

But now, the AD has changed and it hasn't groups anymore. So I have to do
an OU based authentication for the users:

Basedn: OU=technology,OU=mexico,DC=company,DC=com

I've read that DN's are also accepted as LDAP-Group values, so now I'm
using this condition:

If (LDAP-Group == "OU=technology,OU=mexico,DC=company,DC=com")...

but it doesn't work.

Please how can I authenticate users in accordance with their OU and not
their groups?

Thanking in advance, regards.

Tommy


More information about the Freeradius-Users mailing list