Hello All, I've got a question about the settings for limiting access/authenticating to a specific LDAP group. I have setup a group on my OpenLDAP called "RADIUS" and I want the users in there to be the only ones that have access. The problem I am having is with the filters. Below is my /etc/raddb/modules/ldap (given I cleaned up alot of the comments just for posting reasons) server = "example.com" port = "389" identity = "cn=example,dc=company,dc=local" password = xxxxx basedn = "ou=People,dc=company,dc=local" # access_attr = ? # filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})" # filter = "(objectclass=ogranizationalPerson)(de" # base_filter = "(objectclass=organizationalPerson)" ldap_connections_number = 5 timeout = 4 timelimit = 3 net_timeout = 1 tls { start_tls = no # cacertfile = /path/to/cacert.pem # cacertdir = /path/to/ca/dir/ # certfile = /path/to/radius.crt # keyfile = /path/to/radius.key # randfile = /path/to/rnd # require_cert = "demand" } # default_profile = "cn=radprofile,ou=dialup,o=My Org,c=UA" # profile_attribute = "radiusProfileDn" # access_attr = "dialupAccess" # Mapping of RADIUS dictionary attributes to LDAP # directory attributes. dictionary_mapping = ${confdir}/ldap.attrmap password_attribute = userPassword auto_header = yes # groupname_attribute = cn # groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{control:Ldap-UserDn})))" # groupmembership_attribute = radiusGroupName # compare_check_items = yes # do_xlat = yes # chase_referrals = yes # set_auth_type = yes } -- View this message in context: http://freeradius.1045715.n5.nabble.com/LDAP-Search-Questions-tp5565845p5565... Sent from the FreeRadius - User mailing list archive at Nabble.com.