[802.1x] FreeRADIUS OpenLDAP

Alan DeKok aland at deployingradius.com
Thu Jan 28 16:30:05 CET 2021


On Jan 28, 2021, at 10:21 AM, Christian VAN DER ZWAARD via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> 
> It means FreeRADIUS does not look for the Group id in the right place.

  I still have no idea what that means.

  FreeRADIUS doesn't "look for" anything.  It runs specific modules, which do specific things.

> It's not a bug or anything, I just don't know how to tell FreeRADIUS to get
> the Tunnel-Private-Group-Id from the users group.

 So... you're not going to tell us where in the LDAP hierarchy the users group is defined.  You're not going to give any useful information.  You just repeat what you said in the previous message.

  Computers don't work on "I want to do stuff".

  Do you have an LDAP query (i.e. using ldapsearch) which returns the users group?  If so, what is it?

  Once you have an LDAP query, it's trivial to add that to the FreeRADIUS configuration.

  The user may be a member of *multiple* groups, too.  Which one are you going to select for assigning to Tunnel-Private-Group-Id?

  Just... details matter.  I can't for the life of me see why it's useful to say "I want to do stuff", with no more information than that.

  Alan DeKok.




More information about the Freeradius-Users mailing list