Integrate ldap query to freeradius

Martin Gignac martin.gignac at gmail.com
Thu Mar 7 20:03:37 CET 2019


This might not help you at all, but I myself wanted to base Access-Accept
and Access-Reject decisions based on LDAP group memberships and other
factors. What I ended up doing was implementing the logic in a Go program
using a web framework and having that program perform the LDAP query and
make all the Accept/Reject decisions based on the obtained group membership
information. I then used the FreeRADIUS REST module to communicate the
RADIUS attributes to the Go program and use the HTTP result code returned
to Accept or Reject the request.

Perhaps I could have achieved something similar with Unlang (or perhaps
not), but I felt more comfortable implementing the logic in Go.

-Martin

On Thu, Mar 7, 2019 at 1:55 PM Rong Wang <rzwang at scu.edu> wrote:

> This is part of my problem as well. I am trying to get the group name of
> the LDAP user and write policy based on the group name and user attributes.
> I have no idea how to do it. Can anyone please help?
>
> Thank you!
> Rong
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list