Freeradius with openldap

Mik J mikydevel at
Tue Nov 12 00:14:43 CET 2013

I've managed to set up freeradius with sql.
When a user authenticates, the freeradius server returns the nas some attributes. In my case:
Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = 4

Now I'm trying to use openldap to authenticate my user
# radtest myuser mypassword 1812 mysecret
This command works. The mysecret is stored into the nas table and myuser/mypassword is stored in the openldap server. So I would say that the connectivity with the ldap server works perfectly

But the command doesn't return the attributes I want.

In the file sites-enabled/default I have 

authorize {



I'm confuse how freeradius will proceed
- Search for myuser in the ldap using the account I provided in modules/ldap
- Check the users password

- Should openldap return the attributes I mentioned above or can this be done with mysql ?
- I'd like to return these attributes if myuser belongs to mygroup, mygroup is created in openldap and myuser belongs to mygroup
I've seen the section in modules/ldap but I don't know how to test if I configured is correct
groupname_attribute = cn
groupmembership_filter = "(&(objectclass=posixGroup)(memberUid=%u))"

Any advice is appreciated.

Thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list