How to use LDAP Group attributes in post-auth section?
uj2.hahn at posteo.de
uj2.hahn at posteo.de
Wed Jan 8 18:26:13 CET 2020
Hi!
I use freeradius 3.0.17 with LDAP module for a school.
There are different LDAP groups (e.g. students and teacher).
WLAN login time should be limited but differently for different groups.
In freeradius I already extracted the LDAP group the user belongs to and
I know
how to limit the logintime (Current-Time == "wk1602-0800") or so.
But of course I don't want to hardcode the group specific time strings.
Idea is to define group attributes in LDAP which contain these strings.
- Is it possible to map _group _specific attributes into LDAP module of
freeradius,
may be some code snippets as template....
- so far I use OpenLDAP as training vehicle. Here I can add a radius
scheme. But
final solution has to be (existing) Active Directory. Is above method
usable there
as well?
- May be there is a completely different solution out there I'm not
aware of.
Any hints are very welcome!
Thanks
Uwe
More information about the Freeradius-Users
mailing list