[GH-ISSUE #19] How can I use LdapGroupsFilter in radiusd.conf ? #15

New issue

Open

opened 2026-03-13 14:31:16 +03:00 by kerem · 1 comment

kerem commented 2026-03-13 14:31:16 +03:00

Owner

Copy link

Originally created by @davidemiccone on GitHub (Apr 14, 2025).
Original GitHub issue: https://github.com/abbas-gheydi/radotp/issues/19

Which is the scope of LdapGroupsFilter in radiusd.conf, how can I use it?

Thanks

Originally created by @davidemiccone on GitHub (Apr 14, 2025). Original GitHub issue: https://github.com/abbas-gheydi/radotp/issues/19 Which is the scope of LdapGroupsFilter in radiusd.conf, how can I use it? Thanks

kerem commented 2026-03-13 14:31:21 +03:00

Author

Owner

Copy link

@Ctere1 commented on GitHub (May 7, 2025):

The LdapGroupsFilter setting in radiusd.conf defines which LDAP groups are allowed to authenticate via RADIUS.

• If this setting is defined: Only users who are members of the specified LDAP groups will be allowed to authenticate. All others will receive an Access-Reject response, even if their credentials are correct.

• If this setting is left blank or not set: RADIUS will still validate usernames and passwords, but no group membership checks will be performed. This means all users with valid credentials—regardless of group—will be granted access.

<!-- gh-comment-id:2858764724 --> @Ctere1 commented on GitHub (May 7, 2025): The LdapGroupsFilter setting in radiusd.conf defines which LDAP groups are allowed to authenticate via RADIUS. - If this setting is defined: Only users who are members of the specified LDAP groups will be allowed to authenticate. All others will receive an Access-Reject response, even if their credentials are correct. - If this setting is left blank or not set: RADIUS will still validate usernames and passwords, but no group membership checks will be performed. This means all users with valid credentials—regardless of group—will be granted access.

kerem referenced this issue 2026-03-13 14:32:58 +03:00

[PR #15] [MERGED] Feat: add 'Message-Authenticator' attribute to RADIUS package and refactor code #22

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

v2.4.0

v2.3.0

v2.2.0

v2.1.1

v2.1.0

v2.0.1

v2.0.0

v1.0.0

Labels

Clear labels   

pull-request

Mirrored from GitHub Pull Request

No labels

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/radotp#15

No description provided.