I will try to put all the people I do not want to authenticate to a
specific LDAP group,
anyway I do not know how to do it using the users file to reject a
specific LDAP group
thanks
Riccardo
Alan DeKok wrote:
Riccardo Veraldi wrote:
Not all the people having a certificate should authenticate on my WiFi
infrastructure.
These certificates are for general purpose, so also for EAP-TLS,
Then your PKI system is wrong. You should NOT issue certificates for
multiple purposes.
You should issue RADIUS (EAP-TLS) certificates ONLY to the people who
are allowed to use EAP-TLS.
but some user in my case should not be authenticated.
To select which are the users to be authenticated and which are not,
I wanted to use LDAP properties. If a user is in the LDAP directory
it should pass, if it is not, it should be refused, but at the end, I am
unable to do it.
Did you read my statement about using LDAP groups? Do you know what
an LDAP group is?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
