Authenticating users on LDAP based on Group name

Ben Humpert ben at
Thu Mar 26 00:20:09 CET 2015

2015-03-25 22:26 GMT+01:00 Jose Torres-Berrocal <jetsystemservices at>:
> I do not think what I need is nonstandard.
> Let me explain my need in non technical way.  I need the users to enter
> username and password. Compare the username/password against Active
> Directory, then extract the Groups the user belong to and compare/verify it
> includes the Group   set up in Radius LDAP config. If match pass, else
> reject.

Where in the Radius LDAP config did you set up the Group? In

Have you already modified the groupmembership_filter to match your MS AD schema?

Do you only want to authenticate users in the group InternetAccess
with Radius or also users of other groups?

> Maybe this can be done with any combination of the normal filter,  base
> filter, group membership filter, group attribute, etc.

More information about the Freeradius-Users mailing list