On Wed, 20 Jul 2005 [EMAIL PROTECTED] wrote:
> My fault...members of that group are DENIED access. Now I get.
>
> So, that leads me to another question. How do I change the syntax so that
> users
> are ALLOWED access if they are a member of the specified group? I tried
> changing the line in the users file to Auth-Type := Allow, but this didn't
> work.
> Unfortunately, I can't find anything on this in rlm_ldap or FAQ.
>
> Thanks in advance,
>
> Josh
Just think backwards.
DEFAULT Ldap-Group == "cn=remoteusers,o=services"
DEFAULT Auth-Type := Reject
Reply-Message = "Your account has been disabled"
That will see if you match Ldap-Group, if not, you won't match that line
in the users file so it will try the next line. The next line rejects
everyone.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
