UNCLASSIFIED
Why not test Ldap-UserDN using a regexp. It will contain the users' OU as part
of the full distinguished name.
regards,
Frank Ranner
________________________________
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tribes
Tom
Sent: Friday, 16 May 2008 21:05
To: FreeRadius users mailing list
Subject: Re: users advanced configuration
I have already test with group, it runs but i would like to avoir using
groups if it s possible
I prefer just use "ou". It will be much more easy for the
administration.
Thks for the tip about Auth-Type
2008/5/16 Ivan Kalik <[EMAIL PROTECTED]>:
Use groups in ldap and configure groupmembership part of
radiusd.conf
ldap configuration. Add users to the groups and use:
DEFAULT Ldap-Group = "heure", Max-Daily-Session := 3600
to set the attributes. Don't use Auth-Type. Ldap module should
set
Auth-Type ldap (see set_auth_type configuration option) itself.
Ivan Kalik
Kalik Informatika ISP
Dana 16/5/2008, "tribestom" <[EMAIL PROTECTED]> piše:
>Hi
>
>I have a little hard to configure freeradius. here is what i
want to
>do :
>
>I want to run an hotspot with different accounts which give
different
>connection time.
>
>I have an openldap server with this organisation :
>
> dc=com
> |
> dc=exempl
>
> | |
> ou=heure ou=jour
> | |
> uid=user1 uid=user2
>
>
>What i have running now :
>
>I can authenticate a users with a time limit.
>
>Here is my users file :
>
>DEFAULT Auth-Type = ldap,Max-Daily-Session := 3600
>
>I want add a second line with correspond to a day like this :
>
>DEFAULT Auth-Type = ldap,Max-Daily-Session := 86400
>
> and i want that user from ou=heure use the first one and user
from
>ou=jour use the policy with a day time
>
>which attribute should i add to this line or how should i do
to realize
>this. I haven t found any clue on the net how to do this.
>
>Here is my ldap conf in radiusd.conf :
>
>server = "192.168.20.240" # ip de la machine avec le serveur
ldap
> identity = "cn=admin,dc=exempl,dc=lcom" # login
sur le serveur ldap
> password = "******" # mots de passe sur le
serveur ldap
> basedn = "dc=exempl,dc=com" # base de recherche
sur le serveur ldap
> filter ="uid=%u" # filtre de recherche ( ici
tout utilisateur )
> ldap_connections_number = 5 # nombre de
tentative de connection
> timeout = 4
> timelimit = 3
> net_timeout = 1
> tls {
> start_tls = no
> }
> dictionary_mapping = ${raddbdir}/ldap.attrmap
> edir_account_policy_check = no
>
>Sorry for my bad english and thanks for your help
>
>If you need more informations just tell me
>
>
>Tribolet
>Thomas
>
>
>
>
>
>-
>List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
>
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
