Authenticating users on LDAP based on Group name
Alan DeKok
aland at deployingradius.com
Tue Apr 21 15:44:53 CEST 2015
On Apr 21, 2015, at 12:07 AM, Jose Torres-Berrocal <jetsystemservices at gmail.com> wrote:
> I noticed that my problem is that when using group options I get authorized
> successfully but does not get authenticated (Using Compare Check Items = No
> results in Access-Accept). When not using group options I get authorized
> and authenticated successfully.
So... what does the debug output say? You posted the configuration files, which aren't necessary, and don't help.
> Is there a way to do a two pass process? If I could run the first pass
> without group options and the second pass if authenticated run with group
> options, I will get my desired result.
The correct solution is to fix your policies. They're wrong now. It's best to understand *why* they're wrong, and fix the problem.
> By the way I found how to run in debug mode in pfsense and do some custome
> changes in the Users.conf file.
Then post the debug output here.
Alan DeKok.
More information about the Freeradius-Users
mailing list