assigning vlan based on LDAP attribute
Thibault Le Meur
Thibault.LeMeur at supelec.fr
Fri Jul 28 22:36:34 CEST 2006
> One way to do that is to use LDAP groups. If your users are in
> dedicated LDAP groups, then a rule like the following in your "users"
> file will do the trick:
> DEFAULT Huntgroup-Name == myAP, Ldap-Group == Engineering
> User-Name=`%{User-Name}`,
> radiusTunnelMediumType: IEEE-802
> radiusTunnelType: VLAN
> radiusTunnelPrivateGroupId: 2
> Fall-Through = no
Sorry... my mistake, use the following rule instead:
DEFAULT Huntgroup-Name == myAP, Ldap-Group == Engineering
User-Name=`%{User-Name}`,
Tunnel-Medium-Type=IEEE-802
Tunnel-Private-Group-Id=2
Tunnel-Type=VLAN
Fall-Through = no
Thibault
More information about the Freeradius-Users
mailing list