Active directory integration and grant access base on AD group membership
paulinster at gmail.com
Tue Feb 14 17:57:14 CET 2017
I already had a look at that url but look like it doesn't work. must be
something I am not doing right .. but unsure what ..
I have create a huntgroup which look like this ..
wireless NAS-IP-Address == 10.1.0.81
and my users file only has the following line in it ..
DEFAULT Ldap-Group == "admin-galaxie", Huntgroup-Name == "wireless"
So my understand is that users that aren't member of the wireless-users
group shouldn't be granted access to the wireless network/device. But that
isn't what happenning .. everyone is granted access
I have attach my radiusd -x log output
( o o )
2017-02-14 11:33 GMT-05:00 Matthew Newton <mcn4 at leicester.ac.uk>:
> On Tue, Feb 14, 2017 at 11:23:33AM -0500, Luc Paulin wrote:
> > Now I would like grant system access base on group membership from active
> > directory. How can this be done. I have tried by configuring the users
> > huntgroup files, but look like it grant access to everyone if
> > username/password is good.
> Have a look at group support in rlm_ldap.
> Matthew Newton, Ph.D. <mcn4 at leicester.ac.uk>
> Systems Specialist, Infrastructure Services,
> I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
> For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 51562 bytes
Desc: not available
More information about the Freeradius-Users