General Question..

Kris Benson kbenson at
Thu Aug 18 19:48:57 CEST 2005

FreeRadius users mailing list <freeradius-users at> on
August 17, 2005 at 15:47 -0800 wrote:
>Can we use Radius/LDAP to do this.
>What I was hope we can do is as follow:
>everyone will get one user-id/password But for every service we will
>a boolean attribute. All services, dialup/wireless/vpn/etc will use one 
>radius server for both Auth(authenticate/authorize).
>The question is can FreeRadius(or any radius) be configured to as the
>for the correct service attribute and give access both base on the 
>user-id/password and what the value of the services?

Sort of.

The best bet is to use the LDAP "posixgroup" objectclass -- then you can
force certain radius clients to require a specific group membership.

Let me know when you get closer to implementation and I can help you with
some config files.

Kris Benson, CCP, I.S.P.
Technical Analyst, District Projects
School District #57 (Prince George)

More information about the Freeradius-Users mailing list