> Greeting,
>
> I've been trying to work out a way to disable unpaid users with a
> single disable radiusGroupName. But the doc and the resources is limited
> and I don't even see radiusGroupName in the log so I think it is not
> working with my configuration.
>
> I would like to know how to make it work and (the radiusGroupName) and
> am I doing a right jobs using it to disable the unpaid users?
>
> currently I'm using radiusprofileDN to disable them.
>
> Regards,
> Chan Min Wai
>
> -
ldap_howto.txt in the doc directory tells you how, not sure how outdated
that is by now, I will be rewriting it sometime this quarter.
Anyway, in case it is outdated, here is how I do it now.
in radiusd.conf ldap section
groupname_attribute = radiusGroupName
groupmembership_filter =
"(&(uid=%{Stripped-User-Name:-%{User-Name}})(objectclass=radiusprofile))"
In the users file on the first line
DEFAULT Ldap-Group == disabled, Auth-Type := Reject
In your ldap entry
dn: uid=user,...
...otherstuff...
radiusgroupname: disabled
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
