I want to assign vlan base on ldap group and this is my setup. I have multiple instances of ldap in the module section.
ldap ldap1{ } ldap ldap2{ } l authorize { Autz-Type LDAP1{ ldap_ldap1 } Autz-Type LDAP2{ ldap_ldap2 } } To assign vlan, in the users file I have DEFAULT ldap_ldap1-Ldap-Group == "xx", Autz-Type := LDAP1, Auth-Type := LDAP1 Fall-Through = No, Reply-Message = "Active D" DEFAULT ldap_ldap2-Ldap-Group == "people", Autz-Type := LDAP2, Auth-Type = LDAP2 Fall-Through = No, Reply-Message = "LDAP" When I run radius in debug mode, I saw that it found the ldap group "rlm_ldap: Entering ldap_groupcmp()" and it successfully bind to ldap. However, when searching for group, I am getting these errors "rlm_ldap::ldap_groupcmp: Group not found or user is not a member." "rlm_ldap: object not found or got ambiguous search result". Am I getting this error because the groupmembership filter is incorrect? Anyone knows what the problem is? --- fvt3 <[EMAIL PROTECTED]> wrote: > Hi, > > How do I assign vlan base on authentication method. > Say if user is authenticated from ldap1 assign > vlan1, > if user is authenticated from ldap2 assign vlan2. > How > do I configure radius to do this? > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam > protection around > http://mail.yahoo.com > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html