Hi list, that's my problem: I've been authenticating against an Active Directory Server with just one domain correctly. But now I should authenticate user of differents domains which are included in a group of the Active Directory. The users are from differents domains, some of them belong Active Directory and the others belong to differents nt-domains. The domains are managed by the differents domain controlers (trusted domains) so I just shoud authenticate with ntlm_auth and the option --domain. This all works fine: I can authenticate, but the problem is that I can't find the way to filter in my LDAP module in orther to authorize. I would like to authorize just the members of a group, but I can't find the way to do it just with the user-login and de group name, which are the data that I have. I have tried it filtering in the next way: filter =(&(DN=My group DN)(member=%{mschap:User-Name})) But it doesn't work. Does anybody know if I can do it via any LDAP attribute? Any othe idea? Thanks in advance for any help!!!
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html