What is the correct way to return a different reply attribute depending on a
user’s AD member ship in group using AuthBy LDAP2 ?
The idea is to give some users full privileges to network equipment or limited
privileges based on AD group membership.
<AuthBy LDAP2>
Identifier uiowa_ad_users
Host XXXXX.iowa.uiowa.edu
AuthDN CN=serviceid,OU=ServiceIDs,OU=User Accounts,DC=iowa,DC=uiowa,DC=edu
AuthPassword SECRET
Port 389
UseTLS
SSLVerify None
BaseDN DC=iowa,DC=uiowa,DC=edu
Scope base
SearchFilter (objectclass=*)
ServerChecksPassword
UsernameAttr sAMAccountName
</AuthBy>
Do I use multiple AuthBy LDAP2 sections with different search filters in a
AuthBy GROUP, or is there something I can do with AuthAttrDef ?
Multiple Google searches have been inconclusive and I’m not sure what the best
solution is according to the manual.
Thanks.
_______________________________________________
radiator mailing list
radiator@lists.open.com.au
https://lists.open.com.au/mailman/listinfo/radiator
