On 20 Jun 2013, at 13:25, Thomas Hermarij Maimann Andersen <[email protected]> wrote:
> Hi, > > I've been reading the mailing list for a few days and tried to see if there > are any posts resempling mine. There are a few "almost" but noting that has > got me that final step. > > Currently i have a radius server authenticating with ntlm to an AD. > What I wan't now, is to assign a VLAN to the user based on > ExtensionAttribute1, which is set to a numeric value which represents the > VLAN id. E.g. 1001 > > I am currently messing with sites-enabled/default in the post-auth section > where I try to set Tunnel-Private-Group-Id to the number they have in their > attribute, but I have no clue on how to link that. Use git HEAD: https://github.com/FreeRADIUS/freeradius-server/blob/master/raddb/mods-available/ldap#L55 There's an example of setting the the VLAN in the default configuration. In post-auth you can add something like if (reply:Tunnel-Private-Group-ID) { update reply { Tunnel-Type := "VLAN" Tunnel-Medium-Type := "IEEE-802" } } Or in v2 you can use the attrmap file (and the above). Or the above and LDAP xlat. -Arran Arran Cudbard-Bell <[email protected]> FreeRADIUS Development Team - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
