| Version 1 (modified by , 6 years ago) ( diff ) |
|---|
Authentication with orbit LDAP and freeradius3
- install freeradius 3, and freeradius-ldap
- we'll only touch the following files:
- symlink mods-avalable/ldap to mods-enabled/ldap
- edit mods-enabled/ldap
- edit sites-enabled/default
- edit sites-enabled/inner-tunnel
- ldap control mapping of radius attributes to ldap ones
- sites-enabled/default post-auth sections sets policy
- send semicolon separated list of groups to pfsense
foreach &control:Ldap-Group { update reply { Class += "%{Foreach-Variable-0};" } } - set allowed groups
#allow only users of following groups to authorize if (LDAP-Group == sysadmin) { noop } elsif (LDAP-Group == vpnuser) { noop } else { reject }
Note:
See TracWiki
for help on using the wiki.
