I am using LDAP authorization. What I am looking to accomplish is to reject/deny (so not even attempt authentication) for disabled users.
I am authentication against AD (use LDAP for authorize and ntlm for authentication). If I were to search for all none disabled users using ldapsearch, the filter query for this would be: !(userAccountControl:1.2.840.113556.1.4.803:=2) That is the part that limits the results to only enabled users. Wondering how I would do this in FreeRadius? Even on a more general level how I would reject based off certain returned attributes. Thanks
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
