Hi, Sorry if this question is a repeat but I saw the mail archives and not able to find what I am looking for.
We are using freeradius to connect to LDAP server. I can able to authenticate with the radius sever fine. Now I want to retrieve ldap attribute called productId. Depends on the productId, I have to give access the users. If the productId=1234, then all the users will get access. If not..no access. After reading the mail archives and documentation, I saw I need to do changes in /etc/raddb/dictionary,/etc/raddb/users, /etc/raddb/ldap.attrmap Can you please explain me what is the right config I need to modify. You help is really appreciated. Thanks and regards. Here is the radiusd.conf for ldap. ldap { server = "testldap.xyz.com" ### identity = "cn=Directory Manager" ### password = 1223 ### basedn = "dc=test1213,dc=household,o=internet" filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" encryption_scheme = crypt start_tls = no dictionary_mapping = ${raddbdir}/ldap.attrmap ldap_connections_number = 5 password_attribute = userPassword timeout = 4 timelimit = 3 net_timeout = 1 #compare_check_items = yes #do_xlat = yes # access_attr_used_for_allow = yes ### } __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html