FreeRADIUS and LDAP Groups

tnt at tnt at
Sat Dec 13 14:34:45 CET 2008

You don't need Auth-Type Accept (it will let people in even if the
password is wrong). Processing of the users file stops with the first
match without Fall-Trough.

Ivan Kalik
Kalik Informatika ISP

Dana 12/12/2008, "Tim Gustafson" <tjg at> piše:

>> Add: DEFAULT   Auth-Type := Reject
>Awesome, that worked.
>So, if I wanted to enable multiple LDAP groups, would this be the correct syntax:
>DEFAULT LDAP-Group == foo, Auth-Type := Accept
>DEFAULT LDAP-Group == bar, Auth-Type := Accept
>DEFAULT LDAP-Group == baz, Auth-Type := Accept
>DEFAULT Auth-Type := Reject
>Tim Gustafson
>SOE Webmaster
>UC Santa Cruz
>tjg at
>List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list