I'm trying to authenticate specific LDAP group with FreeRadius.
I need to apply this checking inside a virtual-server, as there are two different groups and i'm using a single Unix Box.
Any suggestions of how to do this!.
Asked
Active
Viewed 935 times
1 Answers
0
You can do this inside the authorize section
authorize {
if (!(LDAP-Group == '<group name>')) {
reject
}
}
Group name can be a name, or DN. In version 2 the heuristic is pretty simple, it just checks for the presence of a comma to determine if its a DN.
Arran Cudbard-Bell
- 1,574
- 1
- 9
- 19