clash between group LDAP
Rohaizam Abu Bakar
haizam at myjaring.net
Thu Jul 21 09:33:51 CEST 2005
Dear all,
I have an LDAP tree structure as below, to separate ADSL & DIALUP, but I
have encountered one problem: when userA = userB, LDAP will find userA's
account although it is userB that actually logs in. This may be due to the
DEFAULT sequence in the users file.
Any idea how to solve this? Thanks.
                     ou=AAA
                        |
                        |
        ----------------------------------
        |                                |
     ou=ADSL                         ou=DIALUP
dn: uid=userA,ou=ADSL,ou=AAA ...     dn: uid=userB,ou=DIALUP,ou=AAA....
serviceflag: ADSL                    serviceflag: DIALUP
Users:
====
DEFAULT ldapadsl-Ldap-Group == "ADSL", Autz-Type := ADSL, Auth-Type := ADSL
DEFAULT ldapdialup-Ldap-Group == "DIALUP", Autz-Type := DIALUP, Auth-Type := DIALUP
radiusd.conf
========
ldap ldapadsl {
    basedn = "ou=ADSL,ou=AAA,ou=People,dc=jaring,dc=my"
    groupname_attribute = serviceflag
}
ldap ldapdialup {
    basedn = "ou=DIALUP,ou=AAA,ou=People,dc=jaring,dc=my"
    groupname_attribute = serviceflag
}
authorize {
    Autz-Type ADSL {
        ldapadsl
    }
    Autz-Type DIALUP {
        ldapdialup
    }
}
authenticate {
    Auth-Type ADSL {
        ldapadsl
    }
    Auth-Type DIALUP {
        ldapdialup
    }
}