Куприянов Максим wrote: > I'm using FreeRadius 2.1.3 with LDAP (eDirectory) and plain-text (users file) > backends and I don't know how to solve a couple of problems :(
How do you tell the users apart? > 1. Is possible to mix users with same names, but different passwords from > LDAP and from users file? There are some old time users in my org, who don't > belong to eDirectory tree and there are users in eDirectory with same names > that should not be treated like old-time ones. Maybe. > 2. I need some special DEFAULT with Fall-Through=yes rules that should match > only users, authenticated by LDAP backend. I've tried Ldap-UserDn in check > section of users file, but it seems to me, that Ldap-UserDn attribute is > empty everytime :( Don't use the "users" file for this. See "man unlang". > 3. Also i need a reject rule for those users, who was authenticated by LDAP > and do not belong to any ldap-group. I've tried Ldap-Group !*, but this > attribute always exists for every user :( I'm not sure how you would do that. Maybe do an LDAP query for group membership, and check if the returned string is empty. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
