On Sun, Jul 3, 2016 at 6:26 PM, jvi <v8kjvi0j6 at gmail.com> wrote: > Now I'd like to replicate the same behavior using certificate > authentication, so a user connects, auth via cert, and is able to > select which group they want. It so far only worked for either no > group record present, or with default group explicitly defined in the > config file. > So basically what's above with addition of > cert-user-oid = 2.5.4.3 > default-select-group = default > #cert-group-oid = 2.5.4.11 > > This way a user connects and gets auto-selected the 'default' group. > That's okay. Works. > > Now, though, the problem is that if I uncomment cert-group-oid and > start defining a list of groups under OU, e.g. "default, tor" so a Use different OU fields. I.e., "ou = default", "ou = tor", in the same certificate.
