Hi Peter, I will give that instruction a try and return to you/to the list the results.
Thanks! Lincoln On Tue, Mar 30, 2010 at 1:12 AM, Peter Lambrechtsen <plambrecht...@gmail.com> wrote: > The best way is to follow what I suggested in this post. > > http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg00001.html > > We authenticate a group of 5620's and 7210's in our environment too using > that exact same method. > > Now that the Timetra (now Lucent) Dictionary is in 2.1.8 thanks to me > (shameless plug) it should be easy. > > Any questions you can send them to me off-list if you need more help. > > On Tue, Mar 30, 2010 at 10:12 AM, Gary Gatten <ggat...@waddell.com> wrote: >> >> Yup - that's what I was talking about. >> >> You can use variables, but if you need to enumerate a users group >> memberships - then yea you'll need LDAP. >> >> G >> >> >> -----Original Message----- >> From: freeradius-users-bounces+ggatten=waddell....@lists.freeradius.org >> [mailto:freeradius-users-bounces+ggatten=waddell....@lists.freeradius.org] >> On Behalf Of Lincoln Zuljewic Silva >> Sent: Monday, March 29, 2010 4:08 PM >> To: FreeRadius users mailing list >> Subject: Re: Freeradius, Active Directory and User's Group >> >> Gary >> >> Are you talking about the "--require-membership-of" parameter of >> ntlm_auth? >> >> If yes, I can't use it because is a "randon" situation. >> >> The Alcatel software has a list of all groups that can login and their >> appropriate permissions. The freeradius has to see what are the user >> groups that the user are member of and reply it to Alcatel software. >> >> John, >> >> I will check out this "reply attribute" and see if it works for me... >> >> Regards >> Lincoln >> >> On Mon, Mar 29, 2010 at 5:53 PM, Gary Gatten <ggat...@waddell.com> wrote: >> > FWIW, I do group checking with SAMBA. I'm not in front of my system, >> > but there's an arg one can pass to the Samba util exe where it will >> > validate >> > uname, password, and group membership. This should work for most "simple" >> > confs, although I can certainly envision situations where LDAP may be >> > required. >> > >> > ----- Original Message ----- >> > From: freeradius-users-bounces+ggatten=waddell....@lists.freeradius.org >> > <freeradius-users-bounces+ggatten=waddell....@lists.freeradius.org> >> > To: FreeRadius users mailing list >> > <freeradius-users@lists.freeradius.org> >> > Sent: Mon Mar 29 15:26:57 2010 >> > Subject: Re: Freeradius, Active Directory and User's Group >> > >> > Understood, but the freeradius will be able to return this group >> > information to the Alcatel device? >> > >> > Regards >> > Lincoln >> > >> > On Mon, Mar 29, 2010 at 5:10 PM, John Dennis <jden...@redhat.com> wrote: >> >> On 03/29/2010 04:02 PM, Lincoln Zuljewic Silva wrote: >> >>> >> >>> I'm sorry. >> >>> >> >>> I forgot to mention that I'm not using LDAP, but Samba to integrate >> >>> the freeradius with AD. >> >> >> >> O.K. I presume you're using samba for authentication, but where are you >> >> storing the information about which groups a user is in? I presume it's >> >> in >> >> AD. AD is an ldap server that you can query during authorization which >> >> is >> >> when and where you would do the group check. >> >> -- >> >> John Dennis <jden...@redhat.com> >> >> >> >> Looking to carve out IT costs? >> >> www.redhat.com/carveoutcosts/ >> >> - >> >> List info/subscribe/unsubscribe? See >> >> http://www.freeradius.org/list/users.html >> >> >> > >> > >> > >> > -- >> > Lincoln Zuljewic Silva >> > More contact info.: http://www.system.adm.br/contact.php >> > >> > "How often must a question be asked before it's considered a >> > frequently asked question?" >> > >> > - >> > List info/subscribe/unsubscribe? See >> > http://www.freeradius.org/list/users.html >> > >> > - >> > List info/subscribe/unsubscribe? See >> > http://www.freeradius.org/list/users.html >> >> >> >> -- >> Lincoln Zuljewic Silva >> More contact info.: http://www.system.adm.br/contact.php >> >> "How often must a question be asked before it's considered a >> frequently asked question?" >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > -- Lincoln Zuljewic Silva More contact info.: http://www.system.adm.br/contact.php "How often must a question be asked before it’s considered a frequently asked question?" - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html