I would like to have an ldap group that is another instance of ldap
(selected by departmentNumber), but I don't see how to add it into the
configuration (users file).
ldap everyonePlusMacs {
server = "ldap"
basedn = "dc=example,dc=com"
filter =
"(|(&(objectClass=person)(employeenumber=%{User-Name}))(&(objectClass=pers
on)(uid=%{User-Name}))(companyHostMacAddress=%{User-Name}))"
...
groupname_attribute = cn
groupmembership_filter =
"(|(&(objectClass=GroupOfNames)(member=employeeNumber=%{User-Name},ou=peo
ple,dc=lanl,dc=gov))(&(objectClass=GroupOfNames)(memberUid=%{User-Name}))))"
}
ldap NetworkingOnly {
server = "ldap"
basedn = "dc=example,dc=com"
filter =
"(|(&(objectClass=person)(employeenumber=%{User-Name})(departmentNumber=IT))(&(objectClass=pers
on)(uid=%{User-Name})(departmentNumber=IT)))"
...
}
ldap SalesOnly {
server = "ldap"
basedn = "dc=example,dc=com"
filter =
"(|(&(objectClass=person)(employeenumber=%{User-Name})(departmentNumber=Sales)(&(objectClass=pers
on)(uid=%{User-Name})(departmentNumber=Sales)))"
...
}
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
