configuration for retrieving LDAP security group membership

Adam Thompson athompson at
Tue Dec 13 22:31:26 CET 2016

I need to configure FreeRADIUS Version 2.2.6 to retrieve LDAP security group membership, and am hoping someone here can help.

In this case I have a web application that queries FreeRADIUS. FreeRADIUS then goes to the LDAP server and authenticates the user. User authentication works, but I've tried a couple of things to get the LDAP server to return security group membership with no luck.

I have added and included a dictionary file with a definition of my vendor-defined attribute as follows:

VENDOR          Uplogix                 10243
ATTRIBUTE       Uplogix-User-Groups                     3       string

After reading through available documentation, I tried to return the groups with the following in the /erc/raddb/users file, but it doesn't work:

        Uplogix-User-Groups = Ldap-Group

Should I instead be requesting the LDAP group in the post-auth section of the LDAP module? If so can I get an example of how the syntax should work for that?

Thanks in advance,

Adam Thompson

More information about the Freeradius-Users mailing list