Trouble with freeradius and ldap groups
D C
dc12078 at gmail.com
Fri Jul 10 23:52:55 CEST 2015
Hi,
I'm currently configuring freeradius with an openldap backend for network
device authentication. For each vender I have to add a set of attributes to
my ldap user, then I can log in with the desired access.
So far this is working as expecting (mostly, but i'll save that for a
different thread). I don't want to have to added each of the specific
attributes into each ldap user who needs admin access. Instead I want to
make the admin users members of an ldap group which contains the needed
attributes.
I cannot get freeradius to use the ldap groups (and don't ever see it send
ldap queries for groups).
in my modules/ldap file I have:
groupname_attribute = cn
groupmembership_filter = "(member=%{control:Ldap-UserDn})"
groupmembership_attribute = radiusGroupName
Does anyone have an example of how this is supposed to be configured?
More information about the Freeradius-Users
mailing list