On Tue, 5 Mar 2002, Pierre Strazza wrote:
> Hi there !!
>
> I'm desesperately trying to define groups of users in radius according to
> groups referenced in an LDAP directory.
> What I plan is to pass specific informations to the NAS according to the
> group the user belong. So I need to define groups of users, instead of users
> themselves in the radius users config file.
>
> Can anyone help ?
> Thxs in advance,
>
> Pierre.
You can do one of the following:
o Use default/regular profiles. Just add the DN of the profile entry in the
corresponding user entries using the profile_attribute defined in the ldap
module configuration.
Something like:
dn: uid=group1-dialup,ou=people,dc=company,dc=com
objectclass: radiusprofile
radiusPortLimit: 1
dn: uid=user1,ou=people,dc=company,dc=com
objectclass: radiusprofile
dialupregularprofile: uid=group1-dialup,ou=people,dc=company,dc=com
o Create ldap groups containing all the users for which you want to pass
specific information. Then you can do something like this:
dn: cn=group1,ou=groups,dc=company,dc=com
objectclass: groupofuniquenames
uniquemember: uid=user1,ou=people,dc=company,dc=com
[...]
users file:
DEFAULT Group == "group1"
Port-Limit = 1
In general take a look at doc/rlm_ldap. It is quite helpfull.
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 10 7721861
'Go back to the shadow' Gandalf
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
