Hi stefano,

I am trying to do similar what you have already done. I use AD for user authentication and trying to authorize users via our openldap based on group id (gid), I want to allow uses if they are exist in our LDAP from gid let say (600-700), if they are not in this range reject them with message "user doe not exist in LDAP". Do you have any suggestion or example ?

K


On Thu, Sep 20, 2012 at 3:44 PM, Stefano Zanmarchi <zanmarchi@gmail.com> wrote:
Thanks again, you pointed out a very important issue.
I'll definitively apply one of the two suggested methods to check if
the attribute is present before allowing a user access.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html