vn-ansible/roles/config-freeradius-totp/templates/ldap.j2

ldap {
	server = 'ldap.verdnatura.es'
	identity = 'cn=admin,dc=verdnatura,dc=es'
	password = "{{ bindradiusldap_password }}"
	base_dn = 'dc=verdnatura,dc=es'
	user_dn = "LDAP-UserDn"
	update {
		control:Password-With-Header    += 'userPassword'
		control:NT-Password             := 'sambaNTPassword'
	}
	user {
		base_dn = "ou=users,${..base_dn}"
		filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
	}	
	group {
		base_dn = "ou=groups,${..base_dn}"
		name_attribute = 'cn'
		membership_attribute = 'memberUid'
		membership_filter = "(memberUid=%{%{Stripped-User-Name}:-%{User-Name}})"
		filter = '(objectClass=posixGroup)'
		cacheable_name = yes
	}
	accounting {
		reference = "%{tolower:type.%{Acct-Status-Type}}"
		type {
			start {
				update {description := "Online at %S"}
			}
			interim-update {
				update {description := "Last seen at %S"}
			}
			stop {
				update {description := "Offline at %S"}
			}
		}
	}
	post-auth {
		update {description := "Authenticated at %S"}
	}
	options {
		rebind = yes
		res_timeout = 10
		srv_timelimit = 3
		net_timeout = 1
		idle = 60
		probes = 3
		interval = 3
		ldap_debug = 0x0028
	}
	pool {
		start = ${thread[pool].start_servers}
		min = ${thread[pool].min_spare_servers}
		max = ${thread[pool].max_servers}
		spare = ${thread[pool].max_spare_servers}
		uses = 0
		retry_delay = 30
		lifetime = 0
		idle_timeout = 60
	}
}
freeradius rol install + config 2024-05-08 11:33:10 +00:00			`ldap {`
			`server = 'ldap.verdnatura.es'`
			`identity = 'cn=admin,dc=verdnatura,dc=es'`
			`password = "{{ bindradiusldap_password }}"`
			`base_dn = 'dc=verdnatura,dc=es'`
			`user_dn = "LDAP-UserDn"`
			`update {`
			`control:Password-With-Header += 'userPassword'`
			`control:NT-Password := 'sambaNTPassword'`
			`}`
			`user {`
			`base_dn = "ou=users,${..base_dn}"`
			`filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"`
			`}`
			`group {`
			`base_dn = "ou=groups,${..base_dn}"`
			`name_attribute = 'cn'`
			`membership_attribute = 'memberUid'`
			`membership_filter = "(memberUid=%{%{Stripped-User-Name}:-%{User-Name}})"`
			`filter = '(objectClass=posixGroup)'`
			`cacheable_name = yes`
			`}`
			`accounting {`
			`reference = "%{tolower:type.%{Acct-Status-Type}}"`
			`type {`
			`start {`
			`update {description := "Online at %S"}`
			`}`
			`interim-update {`
			`update {description := "Last seen at %S"}`
			`}`
			`stop {`
			`update {description := "Offline at %S"}`
			`}`
			`}`
			`}`
			`post-auth {`
			`update {description := "Authenticated at %S"}`
			`}`
			`options {`
			`rebind = yes`
			`res_timeout = 10`
			`srv_timelimit = 3`
			`net_timeout = 1`
			`idle = 60`
			`probes = 3`
			`interval = 3`
			`ldap_debug = 0x0028`
			`}`
			`pool {`
			`start = ${thread[pool].start_servers}`
			`min = ${thread[pool].min_spare_servers}`
			`max = ${thread[pool].max_servers}`
			`spare = ${thread[pool].max_spare_servers}`
			`uses = 0`
			`retry_delay = 30`
			`lifetime = 0`
			`idle_timeout = 60`
			`}`
			`}`