fr group howto
tnt at kalik.net
tnt at kalik.net
Wed Dec 10 12:10:15 CET 2008
>> 2. I don't expand the vlanXY schema, I get user info(by samaccname)
>> contains "member of" attr, and in the freeradius user file I create
>> group. If group in the users file equals "member of" attrib send back
>> the vlan info to the switch:
>> (i know it is not good yet)
>> DEFAULT Ldap-Group == "cn=vlan10,ou=vlans,dc=test,dc=hu"
>> Tunnel-Type = VLAN,
>> Tunnel-Medium-Type = IEEE-802,
>> Tunnel-Private-Group-Id = 10,
>> Reply-Message = "You are in vlan 10"
>>
>> ldap modul:
>> groupname_attribute = cn
>> groupmembership_filter =
>> "(&(memberof=cn=vlan10,ou=vlans,dc=test,dc=hu)(samaccountname=%{mschap:user-name}))"
>>
>> ## i know it is bad, but what is the good
>>
I would go with that option.
>how can i make query for this:
>search for vlan(one group) which member's samaccountname equals "hege"
>
Read a ldap manual. Something like:
http://docs.sun.com/source/816-6696-10/cmdline.html#14656
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list