Re: users advanced configuration

Fri, 16 May 2008 03:31:54 -0700 

Use groups in ldap and configure groupmembership part of radiusd.conf
ldap configuration. Add users to the groups and use:

DEFAULT   Ldap-Group = "heure", Max-Daily-Session := 3600

to set the attributes. Don't use Auth-Type. Ldap module should set 
Auth-Type ldap (see set_auth_type configuration option) itself.

Ivan Kalik
Kalik Informatika ISP


Dana 16/5/2008, "tribestom" <[EMAIL PROTECTED]> piše:

>Hi
>
>I have a little hard to configure freeradius. here is what i want to
>do :
>
>I want to run an hotspot with different accounts which give different
>connection time.
>
>I have an openldap server  with this organisation :
>
>       dc=com
>          |
>       dc=exempl
>
>       |       |
>   ou=heure    ou=jour
>    |             |
> uid=user1      uid=user2
>
>
>What i have running now :
>
>I can authenticate a users with a time limit.
>
>Here is my users file :
>
>DEFAULT        Auth-Type = ldap,Max-Daily-Session := 3600
>
>I want add a second line with correspond to a day like this :
>
>DEFAULT        Auth-Type = ldap,Max-Daily-Session := 86400
>
> and i want that user from ou=heure use the first one and user from
>ou=jour use the policy with a day time
>
>which attribute should i add to this line or how should i do to realize
>this. I haven t found any clue on the net how to do this.
>
>Here is my ldap conf in radiusd.conf :
>
>server = "192.168.20.240" # ip de la machine avec le serveur ldap
>               identity = "cn=admin,dc=exempl,dc=lcom" # login sur le serveur 
> ldap
>               password = "******" # mots de passe sur le serveur ldap
>               basedn = "dc=exempl,dc=com" # base de recherche sur le serveur 
> ldap
>               filter ="uid=%u" # filtre de recherche ( ici tout utilisateur )
>               ldap_connections_number = 5 # nombre de tentative de connection
>               timeout = 4
>               timelimit = 3
>               net_timeout = 1
>               tls {
>                       start_tls = no
>               }
>               dictionary_mapping = ${raddbdir}/ldap.attrmap
>               edir_account_policy_check = no
>
>Sorry for my bad english and thanks for your help
>
>If you need more informations just tell me
>
>
>Tribolet
>Thomas
>
>
>
>
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to