(RADIATOR) <AuthBy LDAP2> and Group membership checks?
Hugh Irvine
hugh at open.com.au
Tue Aug 30 19:12:55 CDT 2005
Hello Jan -
You can use two AuthBy LDAP2 clauses with an AuthByPolicy:
.....
AuthByPolicy ContinueWhileAccept
# check password
<AuthBy LDAP2>
.....
</AuthBy>
# check Group
<AuthBy LDAP2>
.....
</AuthBy>
.....
regards
Hugh
On 30 Aug 2005, at 17:52, Jan Tomasek wrote:
> Hello,
>
> I need to setup Radiator to authenticate users against LDAP (I need
> just
> plain RADIUS, ie no EAP stuff). That is piece cake with Radiator :)
> But! Every
> successfuly authenticated user has to be member of group
> 'cn=somegroup,
> ou=Groups, dc=cesnet, dc=cz'.
>
> SearchFilter allows me to check atributes in own user's entry, but not
> membership of that user in some group. Is there any way how to do
> it in some
> simple way? I'm running version 3.12 with patch 498.
>
> Thanks
> --
> --------------------------------------------------------------
> Jan Tomasek aka Semik work: CESNET, z.s.p.o.
> http://www.tomasek.cz/ Zikova 4, 160 00 Praha 6
> Czech Republic
> phone(work): +420 2 2435 5279 http://www.cesnet.cz/
>
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list