Help request: LDAP syntax authorization

Aaron Dalla-Longa aaron at
Fri Mar 31 20:53:12 CEST 2017

Freeradius version 3

Is it possible to deny a user based on an attribute that LDAP sends
through, and if so, what is the syntax for it? Alternatively, if there is a
well-put together guide on Freeradius LDAP syntax, could you link it to me?
Something that I would be looking for would be something like the
pseudo-code below:

if (user_attribute "delinquency" == "no") {
else {

Our LDAP directory is a list of library patrons, and I would want the LDAP
module to reject based on one or other attributes.

*Aaron Dalla-Longa*
Systems Administrator
Shortgrass Library System
tf: 1.866.529.0550 | p: 403.529.0550

More information about the Freeradius-Users mailing list