Authenticating users on LDAP based on Group name
Ben Humpert
ben at an3k.de
Thu Mar 26 00:20:09 CET 2015
2015-03-25 22:26 GMT+01:00 Jose Torres-Berrocal <jetsystemservices at gmail.com>:
> I do not think what I need is nonstandard.
>
> Let me explain my need in non technical way. I need the users to enter
> username and password. Compare the username/password against Active
> Directory, then extract the Groups the user belong to and compare/verify it
> includes the Group set up in Radius LDAP config. If match pass, else
> reject.
Where in the Radius LDAP config did you set up the Group? In
groupmembership_attribute?
Have you already modified the groupmembership_filter to match your MS AD schema?
Do you only want to authenticate users in the group InternetAccess
with Radius or also users of other groups?
> Maybe this can be done with any combination of the normal filter, base
> filter, group membership filter, group attribute, etc.
More information about the Freeradius-Users
mailing list