MSSCHAP auth + LDAP authorizaton

Andres Septer andres.septer at navirec.com
Tue Apr 3 11:05:20 CEST 2012


I have working radius - AD authentication via winbind (MSCHAP challnge-response).
But I do not want to give all domain users ability to use VPN. I want to use special AD group.
I have considered LDAP authorization. I've read this manual
http://wiki.freeradius.org/Rlm_ldap
and configured correct ldap bind values but now I'm pretty much lost
How to tell freeradius, that after successful MSCHAP auth against AD it must browse AD via LDAP and check that te username belongs to specified group?
Any suggestions of documentation that will help, would be appriciated.

Andres Septer


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120403/b1035886/attachment.html>


More information about the Freeradius-Users mailing list