You should leave the default filter... your group filter should look like this:
groupmembership_filter = (&(objectClass=posixGroup)(memberUid=%{Stripped-User-Name:-%{User-Name}}))
Or, you could change the filter to be:
filter = "(&(objectClass=posixAccount)(cn=%{Stripped-User-Name:-%{User-Name}}))"
The objectClass can be changed, but the syntax you have won't work. Also, are you trying to do EAP? If you set Auth-Type = ldap then it will not work. In most cases, you don't need to set that feature. You can run FreeRADIUS in debugging mode to find out if it's hitting LDAP... just type "freeradius -X" and check the output. I hope this helps a bit
Last edited by DisasterArea03; 11-20-2008 at 11:37 AM.
Reason: objectClass edit
|