Active directory groups
Phil Mayers
p.mayers at imperial.ac.uk
Fri May 20 16:26:29 CEST 2011
On 20/05/11 15:14, Doty, Seth wrote:
> I must be doing something wrong in my filtering because it keeps dumping
> me into unclassified instead of passing the group I assigned. I have
> setup a security group specifically for this test and i am indeed in the
> group.
>
> I set it up like this in sites-enabled/inner-tunnel because it seemed
> this manner was a little more flexible for our needs:
>
> post-auth {
> if (Ldap-Group == "CN=STNE_Wireless_Authentication,ou=Security
> Groups,ou=test,ou=test,dc=AD,dc=ne,dc=gov") {
This is wrong. You don't give the group DN. You give the value of
"groupname_attribute" in the ldap module, defaults to "cn", i.e.
post-auth {
if (Ldap-Group == STNS_Wireless_Authentication) {
..
}
}
More information about the Freeradius-Users
mailing list