Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FreeRADIUS Filter

    Scheduled Pinned Locked Moved Captive Portal
    4 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      m1k3r
      last edited by

      Hello all,

      I am using the captive portal with RADIUS authentication and the FreeRadius package which speaks with our Active Directory server, this is working great!

      I am curious as to how I allow/deny certain users or groups access through the captive portal.  I was thinking of using the FreeRadius filter field to search for an attribute in LDAP, if this is set as "1" for example then allow users through the portal, otherwise deny.

      currently, my search filter is: (samaccountname=%u)

      Could I set this as something like ((samaccountname=%u)(faxNumber=1)) and set the Fax Number in Active Directory as "1" for all users I would like to be able to use the captive portal?

      Any comments or suggestions are greatly appreciated.

      Kind regards,
      Mike

      1 Reply Last reply Reply Quote 0
      • H
        heper
        last edited by

        i'll appologize in advance: i have no answer for your question.

        i was just wondering what advantage is there for not using the AD directly from captive portal?

        1 Reply Last reply Reply Quote 0
        • M
          m1k3r
          last edited by

          I am not sure what you mean, sorry. Is there an alternative method of authentication against Active Directory other than FreeRADIUS?

          thanks,
          mike

          1 Reply Last reply Reply Quote 0
          • H
            heper
            last edited by

            you can auth captive portal "directly" at AD.  you'd have to add NPS as a server role on your windows server (network policy and access service).

            there's a sticky post on this subsection of the forum https://forum.pfsense.org/index.php?topic=63791.0
                                                                                                                                              ^^^ at the bottom of that post is a link to a PDF that contains pictures/screenshots of the whole process

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.