Yohoo!
LDAP advantage is that you can get more information out of the AD...which is what io believe is the desire in this case
Gotcha! :) My google-searches hat driven me into the direction to use _only_ ntlm_auth for authentication vs. AD. Meanwhile I had also triggered out the needed groups-settings. Just for completeness the settings for the groups: ----snip------- /etc/raddb/radiusd.conf [...] groupname_attribute = "cn" groupmembership_filter = "(|(&(objectClass=group)(member=%{Ldap-UserDn}))(& (objectClass=top)(uniquemember=%{Ldap-UserDn})))" groupmembership_attribute = memberOf [...] ----snip------- /etc/raddb/users DEFAULT Ldap-Group == "Cisco-RW" Auth-Type := LDAP DEFAULT Ldap-Group == "Cisco-RO" Auth-Type := LDAP DEFAULT Auth-Type := Reject Reply-Message = "No access." ----snip------- Works fine here. Is there the need of a short howto for the doc/ ? Greets Christian
Am Montag, 14. November 2005 13:07 schrieb Christian:
Yohoo! (...) Works fine here. Is there the need of a short howto for the doc/ ?
Definitely yes ! -- Dr. Michael Schwartzkopff MultiNET Services GmbH Bretonischer Ring 7 85630 Grasbrunn Tel: (+49 89) 456 911 - 0 Fax: (+49 89) 456 911 - 21 mob: (+49 174) 343 28 75 PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B Skype: misch42
participants (2)
-
Michael Schwartzkopff -
Völker, Christian