Hi,
Have deployed freeradius with PPPD+Radius Patch on linux box and LDAP on
Microsoft ADS. Freeradius is configured for LDAP Auth and PPPD is
configured for pointing auth to radius. Dialin user is getting
authenticated fine..
Microsoft ADS has a user attribiute "msNPAllowDialin" for allow/deny
dialin access. I want to deny access if user has attribute
"msNPAllowDialin" attribute set to "FALSE"
Have setup radius.conf for following..
access_attr = "msNPAllowDialin"
access_attr_used_for_allow = yes
But user still getting authenticated and allowed dialin access even if
user LDAP attribute msNPAllowDialin is set to FALSE, i.e
""msNPAllowDialin: FALSE" I did tried "access_attr_used_for_allow = no"
with access_attr in radius.conf but still user having "msNPAllowDialin" is
getting authenticated and allowed access.
I can see the attribute with ldapsearch bind with admin or user from linux
box.
Any help is appreciated..and thanks in advance..
regards
Premal
__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
