"J. Fowler" <[EMAIL PROTECTED]> wrote:
> We are attempting to authenticate multiple users based on which
> Called-Station-ID or NAS-IP-Address. We would like to dynamically build
> the LDAP search filter based on the originating source. Is this
> possible?
Yes.
> users file:
> DEFAULT Called-Station-ID =~ "8888$|7777$|6666$", Auth-Type := LDAP
> userClass = ourDialup,
> Fall-Through = No
...
> radiusd.conf
> ldap {
> identity = "uid=someuser,ou=site,dc=..."
> password = xxxxxxxx
> basedn = "ou=site ... t"
> filter = "(&(uid=%{User-Name})(userClass=%{userclass}))"
The "man" page for the "users" file saus that items on the second
line go into the reply. The file doc/variable.txt describes how to
access reply items using %{...}
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
