LDAP draft-wahl-ldap-session
Michael Ströder
michael at stroeder.com
Mon Jun 22 22:22:49 CEST 2015
Arran Cudbard-Bell wrote:
>
>> On Jun 22, 2015, at 3:38 PM, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:
>>
>>
>>> On Jun 22, 2015, at 3:25 PM, Michael Ströder <michael at stroeder.com> wrote:
>>>
>>> HI!
>>>
>>> Recently I appreciated very much that some LDAP clients send the Session Track
>>> Control [1] along with their LDAP requests. draft-wahl-ldap-session was
>>> written especially with RADIUS in mind. Any chance to see this implemented?
>>
>> So, what would be the session identifier in the case of Authentication (which is when rlm_ldap is being called)?
>
> Looks like it'd be username... Weird.
> I guess I can see the point.
Yes, I think so.
> Are you sure OpenLDAP implements the server portion of this?
Yes!
I also make use of it in my web2ldap and in a password self-service
application. It's nice to see the browser IP getting logged in syslog and even
in the accesslog DB (when using slapo-accesslog).
Ciao, Michael.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4272 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150622/d87660d0/attachment-0001.bin>
More information about the Freeradius-Users
mailing list