configuration for retrieving LDAP security group membership
Adam Thompson
athompson at uplogix.com
Wed Dec 14 17:02:49 CET 2016
I'm stuck with v 2.2.6, unfortunately.
For the LDAP query, should I add an "update" section to get the group membership? Where should that go, in the LDAP section of the configuration?
Something like the following?
update {
reply:Uplogix-User-Groups := 'Ldap-Group'
}
Thanks,
Adam
-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+athompson=uplogix.com at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: Tuesday, December 13, 2016 4:48 PM
To: FreeRadius users mailing list
Subject: Re: configuration for retrieving LDAP security group membership
On Dec 13, 2016, at 4:31 PM, Adam Thompson <athompson at uplogix.com> wrote:
>
> I need to configure FreeRADIUS Version 2.2.6 to retrieve LDAP security group membership, and am hoping someone here can help.
It can retrieve LDAP group membership, mostly. But it's really limited to checking LDAP group membership.
> In this case I have a web application that queries FreeRADIUS. FreeRADIUS then goes to the LDAP server and authenticates the user. User authentication works, but I've tried a couple of things to get the LDAP server to return security group membership with no luck.
You can just do an LDAP query, and return that.
Or, use v3, which caches LDAP group membership. Version 2 is old and no longer supported.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list