In my authorize section I am matching LDAP groups to set VLAN attributes as
such:
if (Ldap-Group == netCoreClass-IT) {
update reply {
Tunnel-Private-Group-Id:1 := 102
}
}
elsif (Ldap-Group == netCoreClass-engineering) {
Hi,
elsif (Ldap-Group == netCoreClass-finance) {
update reply {
Tunnel-Private-Group-Id:1 := 124
}
}
Authentication is against Active Directory. So while a user may get
assigned to a VLAN based of
Thanks for the reply.
First, adding an else to the if statement doesn't really help. As that is
in the authorize section that simply queries AD via LDAP to check for
groups of the user. It uses an admin DN to bind and query, not the actual
user credentials (as this is a PEAP) request. So I
3 matches
Mail list logo
