AD group and Reply Attribute
Alan DeKok
aland at deployingradius.com
Tue Feb 22 13:47:49 UTC 2022
On Feb 22, 2022, at 4:24 AM, ReZa Esfahani <esfahanii.reza at gmail.com> wrote:
> I have Microsoft Active Directory as a users database in my company. i
> have 10 Different Group in my AD and i want to send specific
> attributes for each group to NAS, I also integrate my AD with
> freeradius, but i don't know how to send these attribute to nas and i
> dont know where i made mistake?
What mistake did you make?
What's going wrong?
If only there was some kind of debug output which could help...
> users file
> .......................................
> DEFAULT Ldap-Group == "CN=student,OU=IT,OU=FDM,DC=test,DC=com",
Delete the last comma. But otherwise that's fine.
> Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Tunnel-Medium-Type = 802 (includes all 802 media plus Ethernet
> "canonical format"),
I don't know why you added all of that extra text. You should just do:
Tunnel-Medium-type = IEEE-802
> Tunnel-Private-Group-ID = 15
> Tunnel-Type = Virtual Lans (VLAN)
And why extra stuff here, too? Just use:
Tunnel-Type = VLAN
It helps if you read the documentation, follow it's instructions, and ask GOOD questions.
If your question is vague, then any answers can only be vague. If your question contains useful information (say debug output?) then it's much easier to give useful answers.
Alan DeKok.
More information about the Freeradius-Users
mailing list