On 13 May 2002, Michael Klatsky wrote: > Kostas- > > Thanks for your response. Now, what to do with the groupname items? If I > comment them out, I end up with: > > > rlm_ldap: performing search in o=CTTEL,c=US, with filter (uid=gozilla) > rlm_ldap: checking if remote access for gozilla is allowed by > radiusClass > rlm_ldap: checking user membership in dialup-enabling group > radiusClass=AnalogUser > radius_xlat: 'radiusClass=AnalogUser' > radius_xlat: '(uid=gozilla)' > rlm_ldap: performing search in radiusClass=AnalogUser, with filter > (uid=gozilla) > rlm_ldap: ldap_search() failed: No such object > > > My goal is- if (obviously) username and password match, then see if the > user is an AnalogUser (radiusClass=AnalogUser). If so- then allow them > access. > > Should I make my filter be (&(uid=%u)(radiusClass=AnalogUser))? > > Thanks again... > > Michael
You should comment out the access_group configuration directive and yes you should use that filter. -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 10 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
