FreeRADIUS 3.0.12 + openLDAP + Apple access point?
Tobias Balle-Petersen
tobiasbp at gmail.com
Thu Dec 7 08:57:41 CET 2017
> (18) files: users: Matched entry DEFAULT at line 63
>
> What is on line 63 of the users file?
>
>
That is my reject. The user should have been matched earlier, because he's
a member of some of the groups mentioned. This works when testing with
"radtest -x -t pap ..." which, I assumed, meant that the problem could not
be in the "users" file?
52 DEFAULT Ldap-Group == "wifi-cph", Huntgroup-Name ==
"accesspoints-lan"
53 Reply-Message = "OK, member of wifi-cph."
54
55 DEFAULT Ldap-Group == "wifi-cph-guest", Huntgroup-Name ==
"accesspoints-guest"
56 Reply-Message = "OK, member og wifii-cph-guest."
57
58 #DEFAULT Ldap-Group == "vpn-copenhagen", Huntgroup-Name == "vpn"
59 DEFAULT Ldap-Group == "kp-vpn-cph", Huntgroup-Name == "kp-vpn"
60 Reply-Message = "OK, member of kp-vpn-cph."
61
62 # Reject everyone (Who did not match above)
63 DEFAULT Auth-Type := Reject
64 Reply-Message = "Sorry, no access for you."
More information about the Freeradius-Users
mailing list