So it will search and find the group, but I can still connect with my
user even though it isn't in that group. Any ideas on how to keep a user
from connecting if their account isn't in that group?
Thibault Le Meur wrote:
Basically trying to
figure out
what I need to add to these lines: groupname_attribute,
groupmembership_filter, and groupmembership_attribute. Also
not sure if
I need to add something to users file like: DEFAULT LDAP-Group ==
"wireless". Can anyone provide input on what I need to
configure, Thanks.
wireless group in ldap, you can see cjarrett is a member:
dn: cn=wireless,ou=Groups,dc=itfreedom,dc=com
objectClass: posixGroup
cn: wireless
gidNumber: 1011
memberUid: cjarrett
You're using POSIXGroups:
groupname_attribute = cn
Groupmembership_filter = "(&(objectclass=posixGroup)(memberUid=%u))
No groupmembership_attribute.
In you users file, for instance:
DEFAULT LDAP-Group == "wireless" ...
See /usr/share/doc/freeradius/rlm_ldap text file.
HTH,
Thibault
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html