users advanced configuration

Tribes Tom tribes.tom at gmail.com
Fri May 16 13:04:31 CEST 2008


I have already test with group, it runs but i would like to avoir using
groups if it s possible

I prefer just use "ou". It will be much more easy for the administration.

Thks for the tip about Auth-Type



2008/5/16 Ivan Kalik <tnt at kalik.net>:

> Use groups in ldap and configure groupmembership part of radiusd.conf
> ldap configuration. Add users to the groups and use:
>
> DEFAULT   Ldap-Group = "heure", Max-Daily-Session := 3600
>
> to set the attributes. Don't use Auth-Type. Ldap module should set
> Auth-Type ldap (see set_auth_type configuration option) itself.
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
> Dana 16/5/2008, "tribestom" <tribes.tom at gmail.com> piše:
>
> >Hi
> >
> >I have a little hard to configure freeradius. here is what i want to
> >do :
> >
> >I want to run an hotspot with different accounts which give different
> >connection time.
> >
> >I have an openldap server  with this organisation :
> >
> >       dc=com
> >          |
> >       dc=exempl
> >
> >       |       |
> >   ou=heure    ou=jour
> >    |             |
> > uid=user1      uid=user2
> >
> >
> >What i have running now :
> >
> >I can authenticate a users with a time limit.
> >
> >Here is my users file :
> >
> >DEFAULT        Auth-Type = ldap,Max-Daily-Session := 3600
> >
> >I want add a second line with correspond to a day like this :
> >
> >DEFAULT        Auth-Type = ldap,Max-Daily-Session := 86400
> >
> > and i want that user from ou=heure use the first one and user from
> >ou=jour use the policy with a day time
> >
> >which attribute should i add to this line or how should i do to realize
> >this. I haven t found any clue on the net how to do this.
> >
> >Here is my ldap conf in radiusd.conf :
> >
> >server = "192.168.20.240" # ip de la machine avec le serveur ldap
> >               identity = "cn=admin,dc=exempl,dc=lcom" # login sur le
> serveur ldap
> >               password = "******" # mots de passe sur le serveur ldap
> >               basedn = "dc=exempl,dc=com" # base de recherche sur le
> serveur ldap
> >               filter ="uid=%u" # filtre de recherche ( ici tout
> utilisateur )
> >               ldap_connections_number = 5 # nombre de tentative de
> connection
> >               timeout = 4
> >               timelimit = 3
> >               net_timeout = 1
> >               tls {
> >                       start_tls = no
> >               }
> >               dictionary_mapping = ${raddbdir}/ldap.attrmap
> >               edir_account_policy_check = no
> >
> >Sorry for my bad english and thanks for your help
> >
> >If you need more informations just tell me
> >
> >
> >Tribolet
> >Thomas
> >
> >
> >
> >
> >
> >-
> >List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> >
> >
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080516/60b02696/attachment.html>


More information about the Freeradius-Users mailing list