ldap module for user and mac authentication

Dave Macias davama at gmail.com
Tue Aug 7 17:50:05 CEST 2018


Hello,

So, background of the environment I am testing:

master (freeradius and openldap) server - which auths users and provides
other services
slave (freeradius and openldap) server - which replicates based off of
master and *only* auths macs

On the SLAVE, I am able to use the ldap module to auth a mac address.
On the MASTER, I am also able to auth a mac, but by doing something like the
links below:
http://lists.freeradius.org/pipermail/freeradius-users/2015-April/076948.html
http://lists.freeradius.org/pipermail/freeradius-users/2018-August/092319.html

Is there a way on the MASTER to use the ldap module to also auth macs? I
like the ability to add several ldap servers in conjunction with the
"do_not_respond" control policy.

Here are the changes I made to the ldap module to make it work for the SLAVE:

    ldap {
        server = 'localhost'
        server = 'master-server'
        base_dn = 'dc=myorg,dc=net'
        user {
            base_dn = "ou=%{config:local.BRN},ou=macs,${..base_dn}"
            filter = "(cn=%{%{Stripped-User-Name}:-%{User-Name}})"
            ...
        }

Hope this makes sense.
Any input is appreciated.

Thank you,
dave

