20 Jul
2005
20 Jul
'05
4:07 p.m.
On Wed, 20 Jul 2005 jp@joshmp.com wrote:
My fault...members of that group are DENIED access. Now I get.
So, that leads me to another question. How do I change the syntax so that users are ALLOWED access if they are a member of the specified group? I tried changing the line in the users file to Auth-Type := Allow, but this didn't work. Unfortunately, I can't find anything on this in rlm_ldap or FAQ.
Thanks in advance,
Josh
Just think backwards. DEFAULT Ldap-Group == "cn=remoteusers,o=services" DEFAULT Auth-Type := Reject Reply-Message = "Your account has been disabled" That will see if you match Ldap-Group, if not, you won't match that line in the users file so it will try the next line. The next line rejects everyone.