Can you explain how to do this ? <br><br>I have try this : <br><br>DEFAULT Auth-Type = ldap,Max-Daily-Session := 3600,Ldap-UserDN := `uid=%{User-Name},ou=heure,dc=network,dc=local`<br>DEFAULT Auth-Type = ldap,Max-Daily-Session := 86400,Ldap-UserDN := `uid=%{User-Name},ou=jour,dc=network,dc=local`<br>
DEFAULT Auth-Type = ldap,Max-Daily-Session := 604800,Ldap-UserDN := `uid=%{User-Name},ou=semaine,dc=network,dc=local`<br> <br>But when i try with user from different ou, it always use the max-daily-session from the first policy<br>
<br><br>Thanks for help<br><br>Thomas<br>Tribolet<br><br><div class="gmail_quote">2008/5/19 Ranner, Frank MR <<a href="mailto:Frank.Ranner@defence.gov.au">Frank.Ranner@defence.gov.au</a>>:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>
<div><span style="font-size: 12pt; color: rgb(0, 0, 0); font-family: Arial,sans-serif; text-align: left;"><b>UNCLASSIFIED</b></span><br><br></div>
<div dir="ltr" align="left"><font color="#0000ff" face="Arial" size="2"><span>Why not test Ldap-UserDN using a regexp. It will
contain the users' OU as part of the full distinguished
name.</span></font></div>
<div dir="ltr" align="left"><font color="#0000ff" face="Arial" size="2"><span></span></font> </div>
<div dir="ltr" align="left"><font color="#0000ff" face="Arial" size="2"><span>regards,</span></font></div>
<div dir="ltr" align="left"><font color="#0000ff" face="Arial" size="2"><span>Frank Ranner</span></font></div><br>
<blockquote style="border-left: 2px solid rgb(0, 0, 255); padding-left: 5px; margin-left: 5px; margin-right: 0px;">
<div dir="ltr" align="left" lang="en-us">
<hr>
<font face="Tahoma" size="2"><b>From:</b>
freeradius-users-bounces+frank.ranner=<a href="http://defence.gov.au" target="_blank">defence.gov.au</a>@<a href="http://lists.freeradius.org" target="_blank">lists.freeradius.org</a>
[mailto:<a href="mailto:freeradius-users-bounces%2Bfrank.ranner" target="_blank">freeradius-users-bounces+frank.ranner</a>=<a href="http://defence.gov.au" target="_blank">defence.gov.au</a>@<a href="http://lists.freeradius.org" target="_blank">lists.freeradius.org</a>]
<b>On Behalf Of </b>Tribes Tom<br><b>Sent:</b> Friday, 16 May 2008
21:05<br><b>To:</b> FreeRadius users mailing list<br><b>Subject:</b> Re: users
advanced configuration<br></font><br></div>
<div></div>I have already test with group, it runs but i would like to avoir
using groups if it s possible<br><br>I prefer just use "ou". It will be much
more easy for the administration.<br><br>Thks for the tip about
Auth-Type<br><br><br><br>
<div class="gmail_quote">2008/5/16 Ivan Kalik <<a href="mailto:tnt@kalik.net" target="_blank">tnt@kalik.net</a>>:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Use
groups in ldap and configure groupmembership part of radiusd.conf<br>ldap
configuration. Add users to the groups and use:<br><br>DEFAULT
Ldap-Group = "heure", Max-Daily-Session := 3600<br><br>to set the
attributes. Don't use Auth-Type. Ldap module should set<br>Auth-Type ldap
(see set_auth_type configuration option) itself.<br><br>Ivan Kalik<br>Kalik
Informatika ISP<br><br><br>Dana 16/5/2008, "tribestom" <<a href="mailto:tribes.tom@gmail.com" target="_blank">tribes.tom@gmail.com</a>> piše:<br>
<div>
<div></div>
<div><br>>Hi<br>><br>>I have a little hard to
configure freeradius. here is what i want to<br>>do :<br>><br>>I
want to run an hotspot with different accounts which give
different<br>>connection time.<br>><br>>I have an openldap server
with this organisation :<br>><br>>
dc=com<br>> |<br>>
dc=exempl<br>><br>> |
|<br>> ou=heure ou=jour<br>> |
|<br>> uid=user1
uid=user2<br>><br>><br>>What i have running now
:<br>><br>>I can authenticate a users with a time
limit.<br>><br>>Here is my users file :<br>><br>>DEFAULT
Auth-Type = ldap,Max-Daily-Session :=
3600<br>><br>>I want add a second line with correspond to a day like
this :<br>><br>>DEFAULT Auth-Type =
ldap,Max-Daily-Session := 86400<br>><br>> and i want that user from
ou=heure use the first one and user from<br>>ou=jour use the policy with
a day time<br>><br>>which attribute should i add to this line or how
should i do to realize<br>>this. I haven t found any clue on the net how
to do this.<br>><br>>Here is my ldap conf in radiusd.conf
:<br>><br>>server = "<a href="http://192.168.20.240" target="_blank">192.168.20.240</a>" # ip de la machine avec le serveur
ldap<br>> identity =
"cn=admin,dc=exempl,dc=lcom" # login sur le serveur ldap<br>>
password = "******" # mots de
passe sur le serveur ldap<br>>
basedn = "dc=exempl,dc=com" # base de recherche sur le serveur
ldap<br>> filter
="uid=%u" # filtre de recherche ( ici tout utilisateur )<br>>
ldap_connections_number = 5 #
nombre de tentative de connection<br>>
timeout = 4<br>>
timelimit = 3<br>>
net_timeout = 1<br>>
tls {<br>>
start_tls = no<br>>
}<br>>
dictionary_mapping = ${raddbdir}/ldap.attrmap<br>>
edir_account_policy_check =
no<br>><br>>Sorry for my bad english and thanks for your
help<br>><br>>If you need more informations just tell
me<br>><br>><br>>Tribolet<br>>Thomas<br>><br>><br>><br>><br>><br></div></div>>-<br>>List
info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>><br>><br><br>-<br>List
info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br></blockquote></div><br></blockquote></div>
<br>-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br></blockquote></div><br>