Different LDAPs for different realms

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Wed Jun 10 10:37:13 CEST 2015


Hi,

> I have freeradius 3.0.9 running on Debian 8 in the eduroam network. I need to authenticate users of my organization realms on my server using LDAP (I have 2 realms with sepparate LDAP servers (on MS active directory controllers)). All other realms I need to send to national eduroam radius server by the radsec channel. 

various ways... you could use different virtual servers and use proxy.conf to send the realms to those virtual servers..
or you could use unlang to send the requests to those virtual servers,

or, and probably simpler, you could use unlang to authenticate against different LDAP systems

eg 

authorize {

	if (%{User-Name} ~= /@realm1.org$/}{
		ldap1
		}
	
	if (%{User-Name} ~= /@realm2.org$/}{
                ldap2
                }

}


...with relevant and configured named ldap modules


alan


More information about the Freeradius-Users mailing list