Ok for the princip, but can you explain me more about functionality ? I do not practically understand ho I can implement this to define more than 1 group against an attribute parameter.
Thxs again, Pierre. -----Message d'origine----- De : Kostas Kalevras [mailto:[EMAIL PROTECTED]] Envoy� : mardi 19 mars 2002 16:39 � : [EMAIL PROTECTED] Objet : Re: Defining Radius groups with specific abilitations against LDAP at tribute On Tue, 19 Mar 2002, Pierre Strazza wrote: > Hi There, > > > I'm trying to define radius groups, so that I can manage specific > permissions for users against LDAP entries. Group of users must be handled > on Radius against the value of an LDAP attribute. > I tried some configurations, but still does not work. > > Any idea about that ? > Thxs in advance. > > Pierre. You can do one of the following: o Use default/regular profiles. Just add the DN of the profile entry in the corresponding user entries using the profile_attribute defined in the ldap module configuration. Something like: dn: uid=group1-dialup,ou=people,dc=company,dc=com objectclass: radiusprofile radiusPortLimit: 1 dn: uid=user1,ou=people,dc=company,dc=com objectclass: radiusprofile dialupregularprofile: uid=group1-dialup,ou=people,dc=company,dc=com o Create ldap groups containing all the users for which you want to pass specific information. Then you can do something like this: dn: cn=group1,ou=groups,dc=company,dc=com objectclass: groupofuniquenames uniquemember: uid=user1,ou=people,dc=company,dc=com [...] users file: DEFAULT Group == "group1" Port-Limit = 1 In general take a look at doc/rlm_ldap. It is quite helpfull. -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 10 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html . . . - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
