FreeRADIUS and Active Directory Integration
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Wed Jul 22 18:11:28 CEST 2015
> On Jul 22, 2015, at 11:59 AM, Scott Pickles via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>
> I'm sure you're reading the subject going "ugh not another one". But there is so much documentation out there and all of it slightly different that I don't know which end is up at this point. I would like to use FreeRADIUS to authenticate VPN users and wireless, and I'm working on VPN right now. From what I understand so far, I want to use LDAP to check if the person is in the right group first, and if not reject them. If they are in the right group then authenticate using ntlm_auth. I am also understanding that the place to do this is no longer the users/authorize file and that it should be done in the 'default' file using 'unlang'. Is this correct so far? If so, can someone give me an example of the 'unlang' portion?
>
if (LDAP-Group != 'VPNgroup) {
reject
}
LDAP should be replaced with the instance of the LDAP module you're using.
-Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150722/38012b25/attachment-0001.sig>
More information about the Freeradius-Users
mailing list