> Greeting, > > I've been trying to work out a way to disable unpaid users with a > single disable radiusGroupName. But the doc and the resources is limited > and I don't even see radiusGroupName in the log so I think it is not > working with my configuration. > > I would like to know how to make it work and (the radiusGroupName) and > am I doing a right jobs using it to disable the unpaid users? > > currently I'm using radiusprofileDN to disable them. > > Regards, > Chan Min Wai > > -
ldap_howto.txt in the doc directory tells you how, not sure how outdated that is by now, I will be rewriting it sometime this quarter. Anyway, in case it is outdated, here is how I do it now. in radiusd.conf ldap section groupname_attribute = radiusGroupName groupmembership_filter = "(&(uid=%{Stripped-User-Name:-%{User-Name}})(objectclass=radiusprofile))" In the users file on the first line DEFAULT Ldap-Group == disabled, Auth-Type := Reject In your ldap entry dn: uid=user,... ...otherstuff... radiusgroupname: disabled - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html