Help with LDAP groupOfNames?
Ivan Kalik
tnt at kalik.net
Thu Apr 16 18:25:42 CEST 2009
>I can't seem to find anything concrete online for freeradius1 relating to
groupOfNames, so I've just been trying random things that I found online
(for raddb/users) hoping one would work.
>
>RELEVANT CONFIGS (only relevant portions, comments removed)
>raddb/sites-enabled/default:
>authorize {
> ldap
>}
>authenticate {
> Auth-Type LDAP {
> ldap
> }
>
>}
And did you find that any part of documentation suggesting that you should
cripple the server and then wonder why it's not working? Or does it say:
"use default configuration and make only small changes"? Now, go back to the
default configuration, configure *only* ldap module, disable ldap
authentication (without the password in the request it can't work as it is
clearly stated in ldap module) set_auth_type = no. Add this unlang
statements to authorize:
if(Ldap-Group == "WirelessUsers") {
update control {
Auth-Type := Accept
}
}
else {
reject
}
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list