Can i before : DEFAULT Ldap-Group == "GroupLetters", Pool-Name := letters DEFAULT Ldap-Group == "GroupNumbers", Pool-Name := numbers add
DEFAULT Pool-Name := vpn_main which will asign vpn_main pool to all other groups not defined in users file? Thanks! 2008/4/6 Ivan Kalik <[EMAIL PROTECTED]>: > ldap looks fine to me, but I don't use it. > > Ivan Kalik > Kalik Informatika ISP > > > Dana 6/4/2008, "David Hláčik" <[EMAIL PROTECTED]> piše: > > >Thanks Ivan!, > > > >can i understand it like that my group structure in LDAP is okay, and > there > >is only need to add those to users file and it will work? > > > >D. > > > >2008/4/5 Ivan Kalik <[EMAIL PROTECTED]>: > > > >> DEFAULT Ldap-Group == "GroupLetters", Pool-Name := letters > >> > >> DEFAULT Ldap-Group == "GroupNumbers", Pool-Name := numbers > >> > >> Ivan Kalik > >> Kalik Informatika ISP > >> > >> > >> Dana 5/4/2008, "David Hláčik" <[EMAIL PROTECTED]> piše: > >> > >> >Hi, > >> > > >> >i will describe what i am trying to achieve. > >> > > >> >This is my sample ldap structure > >> > > >> >users (inetOrgPerson) : > >> > > >> > > >> >cn=User1,ou=Users,o=Polarion > >> >cn=User2,ou=Users,o=Polarion > >> >cn=UserA,ou=Users,o=Polarion > >> >cn=UserB,ou=Users,o=Polariong > >> >groups (GroupOfNames) > >> > > >> >cn=GroupNumbers,ou=Groups,o=Polarion > >> > member=cn=User1,ou=Users,o=Polarion > >> > member=cn=User2,ou=Users,o=Polarion > >> > > >> > cn=GroupLetters,ou=Groups,o=Polarion > >> > member=cn=UserA,ou=Users,o=Polarion > >> > member=cn=UserB,ou=Users,o=Polarion > >> > > >> >I want to be able to assign different poll-name per group > >> > > >> >for GroupNumbers Pool-Name number > >> >for GroupLetters Pool-Name letters > >> > > >> >How can i achieve this without adding any attribute to user entry? > (users > >> >have access to their dn, so they will be able to change it - this is > what > >> i > >> >want to block! , i know i can set readonly access in slapd.conf, but > this > >> is > >> >not what i want) > >> > > >> >1) One scenario i was thinking of is to add in radius to users file : > >> > > >> >DEFAULT Pool-Name == numbers, Ldap-Group > >> >== cn=GroupNumbers,ou=Groups,o=Polarion > >> > Fall-Through = no > >> > > >> >DEFAULT NAS-Port-Type == letters, Ldap-Group == > >> >cn=GroupLetters,ou=Groups,o=Polarion > >> > Fall-Through = no > >> > > >> >But what i need to add to ldap - configuration part in order to make > it > >> >work? > >> > > >> >Thanks very very much for help! > >> > > >> >Regards, > >> > > >> >David > >> >On Wed, Apr 2, 2008 at 12:13 PM, Ivan Kalik <[EMAIL PROTECTED]> wrote: > >> > > >> >> >So if i understand clear a i need to name and configure ip pool > parts > >> in > >> >> >radius.conf and than use this name as a Pool-Name in LDAp P? > >> >> > >> >> Yes. > >> >> > >> >> >Is there a > >> >> >chance to specify range directly in LDAP and not in ip pool? > >> >> > > >> >> > >> >> No, but there is sqlippool. Or use DHCP on your NAS. Or define IP > pools > >> >> on the NAS and select them with Framed-Pool if your NAS supports it. > >> >> Cisco doesn't but you can set IP pool with avpairs. > >> >> > >> >> Ivan Kalik > >> >> Kalik Informatika ISP > >> >> > >> >> - > >> >> List info/subscribe/unsubscribe? See > >> >> http://www.freeradius.org/list/users.html > >> >> > >> > > >> > > >> > >> - > >> List info/subscribe/unsubscribe? See > >> http://www.freeradius.org/list/users.html > >> > > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html