Troube with matching LDAP group membership in authorize
Alan DeKok
aland at deployingradius.com
Wed Jan 31 07:54:21 CET 2007
Richard Hesse wrote:
> Rather disappointing that this limitation still exists from 2 years ago.
As always, patches are welcome.
> Does FR2.0 have some sort of object-based virtualization that would support this?
> Like, a "LDAP group" object which you could tie LDAP instances to and make the check there?
No, but we'd welcome patches.
In any case, if you carefully read the text you quoted, you'll see a
solution that doesn't require patches: List ALL ldap modules in the
"instantiate" section, and list "ldap_enable" last.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list