FreeRADIUS and LDAP Groups

tnt at kalik.net tnt at kalik.net
Sat Dec 13 14:34:45 CET 2008


You don't need Auth-Type Accept (it will let people in even if the
password is wrong). Processing of the users file stops with the first
match without Fall-Trough.

Ivan Kalik
Kalik Informatika ISP


Dana 12/12/2008, "Tim Gustafson" <tjg at soe.ucsc.edu> piše:

>> Add: DEFAULT   Auth-Type := Reject
>
>Awesome, that worked.
>
>So, if I wanted to enable multiple LDAP groups, would this be the correct syntax:
>
>DEFAULT LDAP-Group == foo, Auth-Type := Accept
>DEFAULT LDAP-Group == bar, Auth-Type := Accept
>DEFAULT LDAP-Group == baz, Auth-Type := Accept
>DEFAULT Auth-Type := Reject
>
>Tim Gustafson
>SOE Webmaster
>UC Santa Cruz
>tjg at soe.ucsc.edu
>831-459-5354
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>




More information about the Freeradius-Users mailing list