Reply with group attribute
Markus Wernig
listener at wernig.net
Fri Mar 13 12:30:30 CET 2009
Hello all
I found some hint on how the VPN gateway expects the group information
from the RADIUS server to be presented:
--- QUOTE ---
To use RADIUS groups, you must define a return attribute on the RADIUS
Server, in the RADIUS user profile. This RADIUS attribute is returned to
the VPN gateway that contains the group name to which the user belongs.
By default the Class attribute is used (IETF RADIUS attribute number
25), though other RADIUS attributes can be used.
[...]
Modify the RADIUS users to include a “class” RADIUS attribute on the
users' Return list that corresponds to the Firewall user group they will
be using for their access.
[...]
--- UNQUOTE ---
So, the question is: How do I make freeradius return the users' group as
a "class" attribute in the authentication reply?
Thanks for any hint.
/markus
Markus Wernig wrote:
> What I'm looking for (and can't find in neither man nor wiki nor google)
> is how to send back the group an authenticated user is in together with
> the authentication result.
More information about the Freeradius-Users
mailing list