2015-03-25 22:26 GMT+01:00 Jose Torres-Berrocal <jetsystemservices@gmail.com>:
I do not think what I need is nonstandard.
Let me explain my need in non technical way. I need the users to enter username and password. Compare the username/password against Active Directory, then extract the Groups the user belong to and compare/verify it includes the Group set up in Radius LDAP config. If match pass, else reject.
Where in the Radius LDAP config did you set up the Group? In groupmembership_attribute? Have you already modified the groupmembership_filter to match your MS AD schema? Do you only want to authenticate users in the group InternetAccess with Radius or also users of other groups?
Maybe this can be done with any combination of the normal filter, base filter, group membership filter, group attribute, etc.