Help on TLS+Active Directory

tnt at kalik.net tnt at kalik.net
Thu Dec 3 00:48:20 CET 2009


>> Read doc/rlm_ldap, bit about access attribute.
>>
>> Ivan Kalik
>
> Thanks Ivan.
>
> My problem is that it seems that even if the user is not allowed to login
> according to ldap (account doesn't exist or is disabled), access is
> granted as long as the certificate is valid.

Lets try again:

"Read doc/rlm_ldap, bit about access attribute."

Your problem is that you haven't set up ldap to reject users without valid
accounts. How do you do that? Read the document and find out.

Ivan Kalik




More information about the Freeradius-Users mailing list