Matthew Ceroni wrote: > That is what I tried. So I set > > base_filter = > "(&(objectclass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))" > > But what I am finding is whether the user is found and enabled, user is > found but disabled, or user isn't found at the output (from radius > debug) shows
Does that filter work when you use it with the command-line ldap search tool? > [ldap] user XXXXXX authorized to use remote access > > So then it continues onto the authorization part. How do I get it to > reject if the user isn't found (or user is disabled)? Use ldap.attrmap, as I said in my previous message. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
