RobYou may need to look under authorize and modules in radiusd.conf and have something like:
#modules { section ldap CTC_users { server = "ldap" net_timeout = timeout = timelimit = ldap_connections_number = basedn = "dc=abc,dc=edu" filter="(&(objectClass=person)(|(departmentNumber=CTC)(|(employeeNum ber=%{Stripped-User-Name:-%{User-Name}})(uid=%{Stripped-User-Name:-%{User-Name}})))" ... #authorize { section Autz-Type = CTC_accounts { CTC_users }
for the users Autz-Type := CTC_accounts, Phil Mayers wrote:
Rob VanDusen wrote:I'm very new to both Linux and FreeRadius, so please excuse me if this is too easy a question. After a couple weeks of fighting, reading, testing and reconfiguring - I finally managed to get FreeRadius 2.x working with my Novell eDirectory. Right now my eDir tree is made up of 6 "O's" - one for each building in the organization. It looks something like this: ISDTREE | CTC | ESB | MTC | SPS | OAC | JSCSorry, that's a bit confusing; are you saying you don't have a common top-level O or OUThat is, is the current basedn: o=esb ?If so, you've got problems (and if I may say so, that's a rather unwise configuration)My current config will check via LDAP against a NetWare box and authorize anyone in the ESB container - but I can't get it to look at any of the other containers. I tried doing multiple instances of the LDAP module - but that resulted in the server not authorizing anyone.http://wiki.freeradius.org/index.php/FAQ#It_still_doesn.27t_work.21How would I set this up so I can add the other O's as Base DN's? I'd really appreciate any instructions that a slightly dim bulb could follow. -Rob - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html-List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
smime.p7s
Description: S/MIME Cryptographic Signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html