LDAP and FreeRadius Authentication - One user, multiple groups
Dusty Doris
freeradius at mail.doris.cc
Fri Jul 22 19:19:48 CEST 2005
On Fri, 22 Jul 2005, Mark Litchfield wrote:
> Using:
> FreeRadius 1.0.4
> OpenLDAP 2.2.27
> FreeBSD 5.4
>
> We are trying to get FreeBSD to allow a user to be a member in multiple
> groups. Here's roughly the way we have the tree laid out.
>
> dc: treeroot
> |_ou: accounts
> | |_ou: domain1
> | | |_uid: joe
> | | mail: joe at domain1
> | |_ou: domain2
> | |_uid: joe
> | mail: joe at domain2
> |_ou: groups
> |_cn: group1
> | uniqueMember: uid=joe,ou=domain1,ou=accounts,dc=treeroot
> |_cn: group2
> | uniqueMember: uid=joe,ou=domain2,ou=accounts,dc=treeroot
> |_cn: group3
> | uniqueMember: uid=joe,ou=domain1,ou=accounts,dc=treeroot
> |_uniqueMember: uid=joe,ou=domain2,ou=accounts,dc=treeroot
>
> I have freeradius and LDAP authenticating nicely. The problem I am
> running into is that when I id a user, it only shows the primary group
> that user is a member of. How can I get FreeRadius to report the other
> groups that the user belongs to?
>
> Mark Litchfield
Sorry I don't understand. Can you explain what you mean by "only shows
the primary group" and "report the other groups". Report to what?
Perhaps some radiusd -X output and an explanation of what you are trying
to do would help.
More information about the Freeradius-Users
mailing list