Authenticate to AD but only allow certain group
Matt Zagrabelny
mzagrabe at d.umn.edu
Mon Feb 3 22:47:22 CET 2014
On Mon, Feb 3, 2014 at 3:33 PM, Brian C. Huffman
<bhuffman at etinternational.com> wrote:
> Which file and section should this go in?
I use FR from the Debian packages, so I am not exactly sure where your
installed configs are. Here is where I would put it:
/etc/freeradius/sites-available/default
in the post-auth section:
post-auth {
if ((Packet-Src-IP == 1.2.3.4) && !(LDAP-Group == "allowed-for-wireless)) {
reject
}
.
.
.
.
}
-mz
More information about the Freeradius-Users
mailing list