Dusty Doris wrote:
...
If this is your users file, its incorrect. Notice the placement of
commas. The check-items should be on one line seperated by commas.
The reply items should be over multiple lines seperated by a comma,
except for the last line.
HOST/lnxad.tde002.sitest.net, User-Category != 515
Fall-Through = no
HOST/lnxad.tde002.sitest.net, User-Category == 515
Fall-Through = no
HOST/lnxad.tde002.sitest.net, Auth-Type := Reject
I changed the users file as you recommended, the ldap.attrmap contains
the additional line:
checkItem User-Category primaryGroupID
Unfortunately also in this case only the Reject entry matches, although
the primaryGroupID seems to passed to User-Category:
radiusd -AX
.....
rlm_ldap: looking for check items in directory...
ldap_get_values
....
ldap_get_values
rlm_ldap: Adding LDAP attribute primaryGroupID as RADIUS attribute
User-Category == 515
ldap_get_values
Any ideas, what's going wrong?
Thanks
Norbert
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
