LDAP authorization
Matthew Ceroni
matthewceroni at gmail.com
Thu Mar 7 01:55:42 CET 2013
I am using LDAP authorization. What I am looking to accomplish is to
reject/deny (so not even attempt authentication) for disabled users.
I am authentication against AD (use LDAP for authorize and ntlm for
authentication).
If I were to search for all none disabled users using ldapsearch, the
filter query for this would
be: !(userAccountControl:1.2.840.113556.1.4.803:=2)
That is the part that limits the results to only enabled users. Wondering
how I would do this in FreeRadius? Even on a more general level how I would
reject based off certain returned attributes.
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130306/b27c1e31/attachment.html>
More information about the Freeradius-Users
mailing list