On Fri, 20 Sep 2002, Thai Tran wrote: > Hello everyone, > I am trying to get realms to work correctly in FreeRadius with no > success. I've tried reading some postings and the documentation but still > with no success. Is it possible for me to setup users in certain realms so > that they would access a different portion of the tree in LDAP? If so does > anyone have any suggestions or example that I could follow? > > Thanks ahead, > Thai Q. Tran > Email: [EMAIL PROTECTED]
Yes. You add the realms in proxy.conf and in the ldap configuration section you use %{Realm} when setting the basedn. Something like: basedn = "ou=%{Realm},dc=company,dc=com" The realm module should be before ldap in the authorize section. Also remember to put Stripped-User-Name in your ldap filter like: filter = "(uid=%{Stripped-User-Name:-{User-Name}})" Hope this helps -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 10 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html