Re: Configure authentication via LDAP Group membership issue [sec=unclassified]

David Hobley Tue, 30 Oct 2007 18:00:02 -0800

Frank, 

Thank you - greatly appreciated. This made me realise that my thinking was 
foggy when I had defined group memberships. All working now.

Cheers, 
David 
----- Original Message ----- 
From: "Frank MR Ranner" <[EMAIL PROTECTED]> 
To: "FreeRadius users mailing list" <[email protected]> 
Sent: Wednesday, 31 October 2007 10:20:36 AM (GMT+1000) Australia/Brisbane 
Subject: RE: Configure authentication via LDAP Group membership issue 
[sec=unclassified] 

... 
_______________________________ 

The memberUid attribute in a posixgroup is supposed to hold the uid, not 
the uidNumber. That would make your groupmembership_filter = 
"(memberUid=%{User-Name})" or more robustly, 
groupmembership_filter = 
"(&(memberUid=%{Stripped-User-Name:-%{User-Name}})(objectClass=posixGrou 
p))" 

Regards, 
Frank Ranner

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Configure authentication via LDAP Group membership issue [sec=unclassified]

Reply via email to