Running Radiator 2.15 under Sun OS 5.6 against Netscape LDAP 3.11, Cisco
AS5300 as the access server.
I'm using the AuthAttrDef function to limit those that can have access to
our system after connecting to the AS.
As long as the altmail5 attribute exists in the user's entry, I can permit
or deny access by assigning the appropriate value (being equal to
NAS-Port-Type). Works just fine like that... however, to my dismay, I just
realised that if the attribute DOESN'T exist, it isn't checked and access is
granted for that user regardless of whether I want them to get in or not (obviously
as long as the password is OK). Can't I have it so that if the attribute
doesn't exist, it boots them out of the system?
I was hoping to just add the attribute to the people that I want dialing in.
Instead, will I have to add it to the thousands of users we have in the
directory, then give those people a value that will never match
NAS-Port-Type? Get my drift?
Thanks guys!!!!
Steve
<AuthBy LDAP2>
Host xxxxxxx
Port xxx
AuthDN uid=admin,o=Fox Chase Cancer Center,c=US
AuthPassword xxxxxxxx
BaseDN o=Fox Chase Cancer Center, c=US
UsernameAttr uid
PasswordAttr userpassword
AuthAttrDef altmail5,NAS-Port-Type,check
</AuthBy>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Stephen A. Felicetti         Sr. Network Engineer
mailto:[EMAIL PROTECTED]     Fox Chase Cancer Center
215-728-2956 (v)             *Institute for Cancer Research*
215-728-2513 (f)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
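
Added example, not part of the original post and not Radiator's own code: a small Python model of the check-item behaviour the post describes, comparing "missing attribute means the check is skipped" with "missing attribute means reject", and listing which accounts are admitted only because altmail5 is absent. The directory entries, the sample request, the function names and the missing_is_reject switch are all constructed for illustration.

```python
# Model of the check-item behaviour described in the post (not Radiator source).
# Directory entries and the request below are constructed sample data.

# AuthAttrDef altmail5,NAS-Port-Type,check  ->  (ldap_attr, radius_attr)
CHECK_DEFS = [("altmail5", "NAS-Port-Type")]

# LDAP filter an administrator could use to list entries lacking the attribute.
MISSING_ATTR_FILTER = "(&(uid=*)(!(altmail5=*)))"

DIRECTORY = {
    "alice": {"uid": ["alice"], "altmail5": ["Async"]},  # meant to dial in
    "bob":   {"uid": ["bob"],   "altmail5": ["Never"]},  # value that never matches
    "carol": {"uid": ["carol"]},                         # attribute absent
}

def get_attr(entry, name):
    """LDAP attribute names are case-insensitive; values are multi-valued."""
    for key, values in entry.items():
        if key.lower() == name.lower():
            return values
    return None

def authorize(entry, request, defs=CHECK_DEFS, missing_is_reject=False):
    """Return (accepted, reason). The password is assumed already verified."""
    for ldap_attr, radius_attr in defs:
        values = get_attr(entry, ldap_attr)
        if values is None:
            if missing_is_reject:
                return False, f"{ldap_attr} absent: deny by default"
            continue  # fail-open: nothing to compare, so the check is skipped
        if request.get(radius_attr) not in values:
            return False, f"{radius_attr} mismatch"
    return True, "all check items satisfied"

def admitted_only_by_absence(directory, request):
    """Users accepted when absence skips the check, rejected when it denies."""
    return sorted(
        user for user, entry in directory.items()
        if authorize(entry, request)[0]
        and not authorize(entry, request, missing_is_reject=True)[0]
    )

if __name__ == "__main__":
    req = {"User-Name": "x", "NAS-Port-Type": "Async"}
    for user, entry in DIRECTORY.items():
        print(user, authorize(entry, req), authorize(entry, req, missing_is_reject=True))
    print("admitted only because altmail5 is missing:", admitted_only_by_absence(DIRECTORY, req))
```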