Hi List,
It's a bit naive question, just to keep concepts clear.
I want to use the "dialupAccess" attribute to enable or disable one
user/host to login.
So if "dialupAccess : disabled", the user/host is rejected.
I've one ldap instance with:
#
# Group membership checking. Disabled by default.
#
groupname_attribute = dialupAccess
groupmembership_filter = "(objectClass=radiusProfile)(uid=%u)"
groupmembership_attribute = dialupAccess
In users:
############################################################################
######
## Disabled accounts in LDAP
############################################################################
######
DEFAULT Ldap-Group==disabled, Auth-Type := Reject
Reply-Message := "FAIL: Account disabled. Please call helpdesk.",
Fall-Through = no
############################################################################
######
Matchs the idea?, or should be done in a different way?
Thanks.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
