How to differentiate between vpn user and appliance user?
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Mon Jul 27 10:08:31 CEST 2015
Hi,
> Ah ok, I tried authenticate with no luck. Now I'm using authorize, but
> still having the same issue. It looks like the ldap module is authorizing
> the request, so even now I am still too late in the pipeline.
you're making this more complex..... just check if the Connect-Info is there
and what value is it...and if its there then send the request to a new virtual
server based on the value it is. this completely seperates the policy
requirements for authentication. one virtual-server deals with admin
logins (very easy), the other deals with user logins (very easy). instead,
you are trying to put all requirements into a single virtual-server which
will need all sorts of extra LDAP checks and changes (not so easy).
alan
More information about the Freeradius-Users
mailing list