Access-Accept / Access-Reject based on LDAP Group & SSID
Ben Humpert
ben at an3k.de
Thu Mar 19 17:20:11 CET 2015
Hi,
I already read plenty of Howtos, manpages and configuration examples
and tried to find a Guide for what I'm trying to archive. The best
matching I found was
http://serverfault.com/questions/397087/auth-type-reject-in-radius-users-file-matches-inner-tunnel-request-but-sends
and http://wiki.freeradius.org/guide/Mac-Authat but these didn't
helped much. In fact they left me more confused than I was before.
What I exactly want to archive is RADIUS to check
1) if the group the user is in is allowed to log into
Called-Station-Ssid "guest"
2) if the username & password is correct
3) if user has "dialupAccess" set
I'm running Ubuntu 14.04.1, FreeRADIUS 2.1.12 and OpenLDAP 2.4.31
I'd start from scratch but have modified dictionary, policy.conf and
sites-available/default according to
http://wiki.freeradius.org/guide/Mac-Auth
Any help is greatly appreciated. Thank you very much in advance!
Best regards,
Ben Humpert
More information about the Freeradius-Users
mailing list