LDAP auth and different use of access_attr

Alan DeKok aland at ox.org
Mon Feb 27 21:03:23 CET 2006

John Keimel <jkeimel at bowdoin.edu> wrote:
> What we'd rather do is allow access based on the value of access_attr . 
> So rather than just allowing if it exists, we might later pass on some 
> extra rights to people in different groups. vpntype: foo    or   
> vpntype: bar   vpntype: baz  - whatever those values might be.

  Use LDAP-Group.

  Alan DeKok.

More information about the Freeradius-Users mailing list