LDAP group authentication

Jake L. jake_homs at yahoo.com
Tue Jun 27 00:36:37 CEST 2017


Hello - I successfully got our Freeradius server to authenticate against our FreeIPA LDAP environment, allowing user access. Currently, all users in here will be granted successful access. However, I'm having trouble trying to identify what to setup to get only a single group in our FreeIPA environment allowed to authenticate while all other groups are denied. In a nutshell, I want to only allow the "network-team" group authenticated access via the Freeradius server, and any/all other groups to be denied. In my wiki and google searches, I've found reference to "group_authorization", but I can't find that module in the policy.d or mods-available folder. Also, I've seen the reference to huntgroups, but only when queried against SQL, which shouldn't be needed in my case. Can anyone point me in the right direction to get this working?
TL;DR = Need info on setting up Freeradius authentication to LDAP only for a specific group, denying all other groups. 
Thank you!Jake


More information about the Freeradius-Users mailing list