Hi Fabrice, thanks for ideas. I will look into them.
With some more research i had the idea that it also might be possible to get FreeRADIUS to write directly into the SQL database, i.e. depending on the LDAP group I would set the node_info->category field in the database accordingly. But for the time being I will now try to get your suggestions to work. Just have to figure out the details. Thanks, Andreas On 03.11.2012 17:34, Fabrice Durand wrote: > Hello Andreas, > you have two way to do that. > 1: Using "update request" in freeradius to add a new attribute in the > request based on a ldap request. > 2: In PacketFence by using the radius attributes (radius.pm) and make a > request to Active Directory. > > In the two option you have to categorize your node per attribute and in > vlan/custom.pm you have to return the correct per category. > > Regards > > Le vendredi 2 novembre 2012 14:53:02, Andreas Görlach a écrit : >> Hello everybody, >> >> does anybody know if it's possible to assign a VLAN to a user based on >> AD groups? Not via the portal but with EAP authentication. >> >> In my view this would imply getting FreeRADIUS to check the memberOf >> attribute and setting the VLAN for the node accordingly. I understand >> the only means to distinguish users is the node_info->category >> attribute. This would have to be set by FreeRADIUS then. Or is there >> another, straight forward way? >> >> The basic idea is to distinguish user groups. Well, the RBAC idea but >> without the need to manage users on the PF server or assigning role to >> users on the PF server. >> >> Any ideas appreciated. >> >> Andreas >> >> ------------------------------------------------------------------------------ >> LogMeIn Central: Instant, anywhere, Remote PC access and management. >> Stay in control, update software, and manage PCs from one command center >> Diagnose problems and improve visibility into emerging IT issues >> Automate, monitor and manage. Do more in less time with Central >> http://p.sf.net/sfu/logmein12331_d2d >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > > ------------------------------------------------------------------------------ > LogMeIn Central: Instant, anywhere, Remote PC access and management. > Stay in control, update software, and manage PCs from one command center > Diagnose problems and improve visibility into emerging IT issues > Automate, monitor and manage. Do more in less time with Central > http://p.sf.net/sfu/logmein12331_d2d > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ------------------------------------------------------------------------------ LogMeIn Central: Instant, anywhere, Remote PC access and management. Stay in control, update software, and manage PCs from one command center Diagnose problems and improve visibility into emerging IT issues Automate, monitor and manage. Do more in less time with Central http://p.sf.net/sfu/logmein12331_d2d _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
