(RADIATOR) ADSI && userIsInGroup

Mario Lopez mario at openlink.es
Mon Dec 22 20:39:38 CST 2003


	I have being trying to make a per-user group authentification work
wih Radiador and being unsucesfull, checking the source code I have read the
following comment in AuthADSI.pm in Radius directory in the comments of the
"userIsInGroup" function.

# Check if the user is in the group
# $user is a user name and $group is a group name
# REVISIT: not working properly yet: cant get the results
# of IsMember

Does this mean that this issue is not working right know?!!!.

I am using the following configuration:

<AuthBy ADSI>
	BindString LDAP://dc=openlink,dc=es
	SearchAttribute userPrincipalName
	AuthUser  %0
	AuthFlags 0

	GroupBindString LDAP://cn=%0,ou=GruposDeAcceso,dc=openlink,dc=es
	GroupUserBindString LDAP://cn=%1,cn=clientes,dc=openlink,dc=es

<AuthBy FILE>
	Identifier Usuarios

<Handler Realm=openlink.es>
	AuthBy Usuarios

And the "usuarios file" is this one:

DEFAULT Auth-Type=ADSI, Group="OpenLink-128-128"
        WISPr-Bandwidth-Max-Down = 131072,
        WISPr-Bandwidth-Max-Up = 131072

Any suggestions of what could I do?

I have the following Active Directory schema, two OU named "Clientes" and
"GruposDeAcceso", users are in "Clientes" OU, and access groups that
determine specific VSA sending are in "GruposDeAcceso" VSA.

Any idea?

Perhaps using proxy to another RADIUS?

I am starting to get desperate.

P.D: Please do not tell me to read secion 6.4 on ref.html, I have read it,
and reread it, followed the examples in ref.html and in goodies directory
and I cannot get it to work.


Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list