On 27 Mar 2002, Michael Bielicki wrote:
> Can somebody give me an example for the following:
>
> I want authenticate againstan ldap directory and have all users be
> members of different groups with different dialin times. Could not find
> out how to use groups with ldap yet ...
>
> Accounting would go to postgresql, which I started understanding today
> (the module that is )
>
> thanks for your help
>
> Michael Bielicki
Here we go again:
You can do one of the following:
o Use default/regular profiles. Just add the DN of the profile entry in the
corresponding user entries using the profile_attribute defined in the ldap
module configuration.
Something like:
dn: uid=group1-dialup,ou=people,dc=company,dc=com
objectclass: radiusprofile
radiusPortLimit: 1
dn: uid=user1,ou=people,dc=company,dc=com
objectclass: radiusprofile
dialupregularprofile: uid=group1-dialup,ou=people,dc=company,dc=com
o Create ldap groups containing all the users for which you want to pass
specific information. Then you can do something like this:
dn: cn=group1,ou=groups,dc=company,dc=com
objectclass: groupofuniquenames
uniquemember: uid=user1,ou=people,dc=company,dc=com
[...]
users file:
DEFAULT Group == "group1"
Port-Limit = 1
In general take a look at doc/rlm_ldap. It is quite helpfull.
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 10 7721861
'Go back to the shadow' Gandalf
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
