11 Jan
2012
11 Jan
'12
6:41 a.m.
Hi all, If you set up groups in the rlm_ldap module, and a user is found to match more than one group, that user is currently denied access. For example, you might have a "staff" and "student" group, and a staff member comes along and enrolls as a part time student, suddenly they unexpectedly lose access to radius because they are a member of both groups. The following patch adds the groupmembership_limit option, defaulting to 1 (the current behavior). It allows you to limit the number of groups a user might be a member of, or remove the limit entirely (set to zero). Regards, Graham --