Hi Matt,
We are storing user information in LDAP. Below is the authby clause we
use. To add radius attributes to the ldap entry for the user you simply
need to have them in the entry for the user ( same level in our case ).
We retrieve static ip addresses for example using the AuthAttrDef. If
there is a match for the entry StaticIPaddress on the user a reply-item of
Framed-IP-Address is returned. If not, nothing is returned and the reply
item does not get added. You can do the same for any radius attribute.
AuthAttrDef takes care of mapping together radius attributes and
corresponding attributes in LDAP.
Hope this helps,
Ingvar
<AuthBy LDAP2>
Identifier CheckLDAP
NoDefault
DefaultSimultaneousUse 1
Host ldaphost.your.network
Port 389
HoldServerConnection
Timeout 2
FailureBackoffTime 300
Scope one
AuthDN cn=Manager,cn=ldaphost
AuthPassword ldappassword
BaseDN cn=People,cn=domain1,cn=Virtual Domains,cn=ldaphost
UsernameAttr uid
PasswordAttr clearTextPassword
SearchFilter
(&(serviceStatus=Active)(%0=%w)(|(IPConnectionType=ISDNPLUS)(IPConnectionTyp
e=ADSL)))
AuthAttrDef StaticIPaddress,Framed-IP-Address,reply
AddToReply Framed-Protocol = PPP,\
Framed-IP-Netmask = 255.255.255.255, \
Framed-Routing = None, \
Service-Type = Framed-User, \
Framed-MTU = 1500, \
Framed-Compression = Van-Jacobson-TCP-IP
</AuthBy>
Ingvar Bjarnason
Engineer/Data division
Iceland Telecom
----- Original Message -----
From: "Matt Richard" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, June 24, 2003 2:27 PM
Subject: (RADIATOR) Store RADIUS attributes in LDAP?
> The Radiator documentation states that I can store RADIUS attributes
> in LDAP, and retrieve them with AuthAttrDef or similar methods. But
> the documentation doesn't discuss what schema to use, or how those
> attributes should be stored so that Radiator can find them.
>
> How are other people doing this? (Is anyone else doing this?) Are
> you using schema's from OpenRADIUS or FreeRadius, or Netscape
> Directory Server or the aboba draft? Or are you building your own
> schema?
>
> Thanks!
>
> Matt
> --
> Matt Richard
> Access and Security Coordinator
> Franklin & Marshall College
> [EMAIL PROTECTED]
> (717) 291-4157
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
