Multiple LDAP (Not failover) lookup...
- To: freeradius-users@lists.freeradius.org
- Subject: Multiple LDAP (Not failover) lookup...
- From: Eric Martell <workoutexcite@yahoo.com>
- Date: Tue, 7 Nov 2006 11:34:28 -0800 (PST)
- Reply-to: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>
Hi...
I need to do multiple LDAP lookups (2). The
purposes of the two LDAPs are different, so, in a way, it does not
fit the configurable_failover scenario.
ldap1.
This LDAP is solely used for authentication for
a given user.
ldap2.
This LDAP is solely used for checking an LDAP attribute,
e.g. productCode, for a given user.
The user exists in BOTH the LDAPs, but in ldap2 we don't
store the password hash. So it's just the userid with the given
attributes.
Here is what should happen for a given user.
    if (authentication in ldap1 success) {
        if (productCode attribute exists in ldap2 success) {
            return Access-Accept.
        } else {
            return Access-Reject.
        }
    } else {
        return Access-Reject.
    }
Any inputs will be greatly appreciated.
Thanks in advance.