Jethro<br><br>The eaist way is as per what I e-mailed to you.<br><br><a href="http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg00001.html">http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg00001.html</a><br>
<br>This means you only need to create groups in your LDAP directory. It also means you don't need to extend the LDAP Schema to do this.<br><br>And use the Postauth_users & Host Groups file to determine which server you are allowed to login from.<br>
<br>I have yet to find a better or easier way to do things.<br><br>Thanks<br><br>Peter<br><br><div class="gmail_quote">On Thu, Mar 4, 2010 at 5:19 PM, Jethro Carr <span dir="ltr"><<a href="mailto:jethro.carr@jethrocarr.com">jethro.carr@jethrocarr.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="im">On Mon, 2010-03-01 at 17:42 -0500, John Dennis wrote:<br>
> If I understand correctly what you would like to do then check out<br>
> "profiles" in the ldap_howto.txt. A profile is a way to associate a set<br>
> of attributes (e.g. the profile) with a user.<br>
<br>
</div>thanks John, Robert and off-listers,<br>
<br>
<br>
Looking at the ldap_howto.txt file and the responses I've had it seems<br>
that I need to:<br>
<br>
1. Define groups/profiles in LDAP<br>
<br>
2. Set attributes for the users stating which groups they belong to, eg<br>
using the radiusGroupName LDAP attribute.<br>
<br>
3. Map the groups to NASes using huntgroups or users file.<br>
<br>
<br>
Going to give it a try and will post back with how I get on. Thanks for<br>
the help guys. :-)<br>
<div class="im"><br>
<br>
<br>
> > thanks in advance for any help! :-)<br>
> ><br>
> > FreeRadius version is 1.1.3 (RHEL 5 build) if that's important.<br>
><br>
> BTW, you can find a current 2.1.8 build for RHEL 5 by visiting<br>
> <a href="http://wiki.freeradius.org/RedHat_FAQ" target="_blank">http://wiki.freeradius.org/RedHat_FAQ</a><br>
<br>
</div>Thanks, but FYI, that page is blank.<br>
<div><div></div><div class="h5"><br>
regards,<br>
jethro<br>
<br>
<br>
--<br>
Jethro Carr<br>
<a href="http://www.jethrocarr.com/index.php?cms=blog" target="_blank">www.jethrocarr.com/index.php?cms=blog</a><br>
<a href="http://www.amberdms.com" target="_blank">www.amberdms.com</a><br>
</div></div><br>-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br></blockquote></div><br>