Hi list,
that's my problem: I've been authenticating against an Active
Directory Server with just one domain correctly. But now I should
authenticate user of differents domains which are included in a group
of the Active Directory. The users are from differents domains, some
of them belong Active Directory and the others belong to differents
nt-domains. The domains are managed by the differents domain
controlers (trusted domains) so I just shoud authenticate with
ntlm_auth and the option --domain. This all works fine: I can
authenticate, but the problem is that I can't find the way to filter
in my LDAP module in orther to authorize. I would like to authorize
just the members of a group, but I can't find the way to do it just
with the user-login and de group name, which are the data that I have.
I have tried it filtering in the next way:
filter =(&(DN=My group DN)(member=%{mschap:User-Name}))
But it doesn't work.
Does anybody know if I can do it via any LDAP attribute? Any othe idea?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
