LDAP filter
Andrés Gómez
andres.gomez.ruiz at gmail.com
Sun Sep 17 02:51:23 CEST 2017
Hi friends!!
In the company where I work, we have a wireless controller which is
authenitcating with a LDAP server using this configuration:
IP address: 192.168.0.10
LDAP Base DN = "plataform.example.com.co"
Admin DN= "cn=roam,dc=example,dc=com,dc=co"
Admin password = 12345
Key attribute = uid
SearchFilter= "userType=managment"
With that configuration the people from managment department can login in
the wireless network.
I can change to SearchFilter= "userType=guest", so the people from
managment department can not login, but guest people can do it.
No we need to use a FreeRadius server to set a new wireless controller that
can't use LDAP authentication. So, I installed freeradius-ldap package, and
I enabled the module. This is my ldap file:
ldap {
server = "plataform.example.com.co"
identity = "cn=roam,dc=example,dc=com,dc=co"
password = 12345
basedn = "dc=example,dc=com,dc=co"
ldap_connections_number = 5
...
}
I enabled LDAP module, and reloaded the freeradius configuration and every
works great :D I can autheniticate using freeradius and Ldap server.
But the issue is: with that setting people from managment department and
guest people can logging in the wireless network, both of them. That is a
problem for me, I need to apply the same Filter that the previous wirless
controller had enabled ( Key attribute = uid and SearchFilter=
"userType=managment")
I have tried using these attibutes in ldap config file:
filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
base_filter = "(objectclass=radiusprofile)"
I have tried many combinations but I cant' do it work.
Can you give me any advice about how can I configure the freeradius-ldap
module in order to do that filter?
Thanks in advance!!!
Andrés!!
More information about the Freeradius-Users
mailing list