>I can't seem to find anything concrete online for freeradius1 relating to groupOfNames, so I've just been trying random things that I found online (for raddb/users) hoping one would work. > >RELEVANT CONFIGS (only relevant portions, comments removed)
>raddb/sites-enabled/default: >authorize { > ldap >} >authenticate { > Auth-Type LDAP { > ldap > } > >} And did you find that any part of documentation suggesting that you should cripple the server and then wonder why it's not working? Or does it say: "use default configuration and make only small changes"? Now, go back to the default configuration, configure *only* ldap module, disable ldap authentication (without the password in the request it can't work as it is clearly stated in ldap module) set_auth_type = no. Add this unlang statements to authorize: if(Ldap-Group == "WirelessUsers") { update control { Auth-Type := Accept } } else { reject } Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html