Fwd: Dynamic VLAN assignment for Active Directory Users on Freeradius

Alan DeKok aland at freeradius.org
Wed Jul 2 15:22:37 CEST 2014

Bomongo Esse wrote:
> Thank you Alan,
> Just to tell you that the solution (freeradius) works well with Active
> Directory. I can authenticate Active Directory users through Freeradius.
> The main issue i encounter is to get the users assigned dynamically
> VLAN. I saw in a forum that we need to setup the file
> /etc/raddb/modules/ldap that what i did.
> The line 68 of the users file contains this :
>          Ldap-Group = "CN=group1,DC=rasad,DC=local",
>          Tunnel-Type = "VLAN",
>          Tunnel-Medium-Type = "IEEE-802",
>          Tunnel-Private-Group-ID = "1"

  Which isn't in the correct format.

  I told you what the correct format is.  You need to use it.

  If you're not going to follow instructions, you need to stop asking
questions on this list.

> I would like to make sure that we can dynamically assign VLAN to Active
> Directory users through Freeradius.

  You've said that.  I understand.  Do you understand my response?

> The authentication without Dynamic VLAN works well. 
> What should i modify on the file   /etc/raddb/modules/ldap ? 

  Did I tell you to modify the contents of that file?

> Below is the content of the file :

  Which you have already posted.

> What should be modified again once Active Directory works well with
> Freeradius without Dynamic VLAN?

  I'm sure I already answered that question.

  If you're going to ignore my responses, and keep posting the same
question... you should realize that it's rude.  All you're doing is
being annoying.

  Alan DeKok.

More information about the Freeradius-Users mailing list