Different LDAPs for different realms
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Wed Jun 10 10:37:13 CEST 2015
Hi,
> I have freeradius 3.0.9 running on Debian 8 in the eduroam network. I need to authenticate users of my organization realms on my server using LDAP (I have 2 realms with sepparate LDAP servers (on MS active directory controllers)). All other realms I need to send to national eduroam radius server by the radsec channel.
various ways... you could use different virtual servers and use proxy.conf to send the realms to those virtual servers..
or you could use unlang to send the requests to those virtual servers,
or, and probably simpler, you could use unlang to authenticate against different LDAP systems
eg
authorize {
if (%{User-Name} ~= /@realm1.org$/}{
ldap1
}
if (%{User-Name} ~= /@realm2.org$/}{
ldap2
}
}
...with relevant and configured named ldap modules
alan
More information about the Freeradius-Users
mailing list