Robert Roll wrote:
The below is out of the .../share/doc/freeradius/rlm_ldap
Note that it shows the Ldap_Group variable being set in the users file, but
I'm assuming it should not really matter where it gets set ?
DEFAULT Ldap-Group == cn=disabled,dc=company,dc=com
No. See
On 03/22/2011 06:15 PM, Robert Roll wrote:
This does seem to work differently than I thought..
Yeah, like I say: it's a virtual attribute that does the group search
when you compare it.
My model was something like ntlm_auth, which allows an authentication,
but one can also require
, 2011 3:14 AM
To: freeradius-users@lists.freeradius.org
Subject: Re: Group checking in ldap authorization
On 03/22/2011 06:15 PM, Robert Roll wrote:
This does seem to work differently than I thought..
Yeah, like I say: it's a virtual attribute that does the group search
when you compare
I have an ldap module that I want to force to do group checking.
Reading the documentation, it seems that there should be an attribute (I'm
assuming control?)
that should force that check ? i.e. instance-name-Ldap-Group ..
I notice that the ldap module seems to have group checking disabled
On 22/03/11 14:24, Robert Roll wrote:
Below is what I have in my authorization section. I
update control {
ldapADut-Ldap-Group :=
cn=chemVLAN,OU=Groups,OU=UofURadius,dc=ad,dc=utah,dc=edu
}
ldapADut {
notfound = reject
}
Where
@lists.freeradius.org
[freeradius-users-bounces+robert.roll=utah@lists.freeradius.org] On Behalf
Of Phil Mayers [p.may...@imperial.ac.uk]
Sent: Tuesday, March 22, 2011 8:46 AM
To: freeradius-users@lists.freeradius.org
Subject: Re: Group checking in ldap authorization
On 22/03/11 14:24, Robert
list
Subject: RE: Group checking in ldap authorization
The below is out of the .../share/doc/freeradius/rlm_ldap
Note that it shows the Ldap_Group variable being set in the users file, but
I'm assuming it should not really matter where it gets set ?
DEFAULTLdap-Group == cn=disabled,dc
7 matches
Mail list logo
