"Jay Lee" <[EMAIL PROTECTED]> wrote: > My last task is to allow Wireless authentication only to > members of a given LDAP Group.
... i.e. to reject wireless for everyone else. > If I empty out /etc/raddb/users completely, authentication works. If I > put the following in users: > > DEFAULT LDAP-Group == "Wireless", Auth-Type := Accept Then people in the wireless group don't have their passwords checked. > DEFAULT Auth-Type := Reject And everyone else gets rejected. > However, the wireless client never quite seems to finish associating. Any > ideas what I'm doing wrong here? What should the users file look like to > allow anyone who is a member of the Wireless LDAP group and deny everyone > else? DEFAULT LDAP-Group != "Wireless", Auth-Type := Reject That rejects everyone who isn't in wireless. As for the wireless people, their passwords should be checked using the normal process. You shouldn't have to do anything special there. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
