TOTPRadius - RADIUS Dynamic attribute response based on AD Group membership
This can be configured in Settings → RADIUS Service configuration:
The 'Additional RADIUS Attributes' field should contain the reference to the ldap-group script as shown on the example below:
update reply { Filter-ID :=`/usr/bin/php /var/www/ldap-group.php '%{User-Name}' '%{User-Password}'` }
Important: The group names used for this parameter should not contain "=" sign.
The 'RADIUS LDAP Group mapping' field should contain a mapping rule, which allows members of the specified AD group to have Tunnel-Private-Group-ID attribute equal to some value.
For the example above, if a user belongs to an AD Group named 'Token2_VPN_users', the Filter-ID will be included in the Radius reply as below:
About
Installation and configuration
- Installation and initial configuration
- Network configuration
- Migrating from older versions
- LDAP Configuration
- Azure AD Configuration
- Self-service enrollment portal
- Web and LDAPS Certificates
- Syslog configuration
- Single-factor authentication exceptions
- Slave appliance mode
- Dynamic RADIUS Attributes
Integration guides
Blog
14-04-2024
Adding FIDO2 Security Keys to FINOM accounts
FINOM is a leading provider of digital banking solutions, offering innovative services to help individuals and businesses manage their finances efficiently. We're pleased to introduce a comprehensive guide on integrating FIDO2 Security Keys into your account with FINOM.
27-02-2024
Enhancing Bitwarden Security and Convenience with Passkeys
Bitwarden's latest upgrade introduces passkeys, such as FIDO2 keys and platform authenticators, enhancing both security and user convenience for vault encryption and decryption tasks with PRF capabilities.
15-02-2024
Introducing Token2 PIN+ Release 2: Elevating Security with 300 Passkey Storage
We're excited to introduce Token2 PIN+ Release 2, our latest FIDO2 Key that boasts an unmatched advantage: the ability to store up to 300 passkeys (aka resident keys or discoverable credentials). This significant capacity provides unparalleled flexibility and convenience for managing your online accounts securely.