Help in allowing particular AD group to be authorised

classic Classic list List threaded Threaded
3 messages Options
| Threaded
Open this post in threaded view
|

Help in allowing particular AD group to be authorised

shivangi jaiswal
Hi,

I am looking for possible ways to perform  radius Authorization for a
particular group.
I was able to successfully integrate rhel 7.3 with Ad using ntlm_auth and
mschap..

Could someone please assist

Thanks
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

RE: Help in allowing particular AD group to be authorised

Users mailing list
You can try..

ntlm_auth --require-membership-of=STRING  
  Require that a user be a member of this group (either name or SID) for authentication to succeed

And i say use the SID.  


Greetz,

Louis
 

 

> -----Oorspronkelijk bericht-----
> Van: Freeradius-Users
> [mailto:freeradius-users-bounces+belle=[hidden email]
> ius.org] Namens shivangi jaiswal
> Verzonden: donderdag 24 september 2020 16:35
> Aan: [hidden email]
> Onderwerp: Help in allowing particular AD group to be authorised
>
> Hi,
>
> I am looking for possible ways to perform  radius Authorization for a
> particular group.
> I was able to successfully integrate rhel 7.3 with Ad using
> ntlm_auth and
> mschap..
>
> Could someone please assist
>
> Thanks
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Help in allowing particular AD group to be authorised

Kristofer Hallin
In reply to this post by shivangi jaiswal
Can't you just do some very simple logic for that?

if (Ldap-Group != "Group") {
    reject
}

/K

On Thu, Sep 24, 2020 at 4:35 PM shivangi jaiswal <[hidden email]>
wrote:

> Hi,
>
> I am looking for possible ways to perform  radius Authorization for a
> particular group.
> I was able to successfully integrate rhel 7.3 with Ad using ntlm_auth and
> mschap..
>
> Could someone please assist
>
> Thanks
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html