30 Jul
2012
30 Jul
'12
1:28 p.m.
Thanks for your response, Alan. I'll give that a shot. Is it to correct to assume that the only additional thing I should need is to uncomment "ldap" in the authorize stanza of the inner-tunnel? I would imagine listing it after eap in the default server would have a large impact on performance. Dave On 2012-07-30, at 1:11 PM, Alan DeKok <aland@deployingradius.com> wrote:
David Aldwinckle wrote:
Is it possible to do LDAP group checking in post-auth of the default server even if the request is EAP?
Yes.
if (LDAP-Group == "banned") { reject } - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html