Thanx a lot<br><br>I supposed this and definitely I will ask our vendor for modification of the interface<br><br>regards,<br>Peter Micunek<br><br><div><span class="gmail_quote">On 2/3/07, <b class="gmail_sendername">Phil Mayers
</b> <<a href="mailto:p.mayers@imperial.ac.uk">p.mayers@imperial.ac.uk</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Peter Micunek wrote:<br>> The proxy cannot speak to an SQL server.<br><br>Then it's very poor software, and my advice would be to look elsewhere.<br><br>><br>> Do you know some LDAP-SQL proxy which listen on LDAP server port and
<br>> convert LDAP request to SQL and vice versa.<br><br>OpenLDAP will do this, but it's not suitable for your needs (see below)<br><br>><br>> Also, I am considering to use:<br>><br>> NAS ---> FreeRADIUS (rlm_sql_mysql) ---> MySQL DB <---> OpenLDAP with
<br>> slapd-sql <---> LDAP client<br>><br>> what do you think about this?<br><br>I am not an OpenLDAP expert any more, but the last time I investigated<br>this you could not modify the SQL database "underneath" slapd-sql
<br>because of the servers caching. You had to make modifications via LDAP.<br><br>If you really need FreeRadius accounting to perform an<br>ldapadd/ldapmodify I suggest you use Exec-Program in the "acct_users"<br>
file, but be prepared for it to go slowly and break a lot.<br><br>><br>> regards,<br>> Peter Micunek<br>><br>><br>> On 2/3/07, *Phil Mayers* <<a href="mailto:p.mayers@imperial.ac.uk">p.mayers@imperial.ac.uk
</a><br>> <mailto:<a href="mailto:p.mayers@imperial.ac.uk">p.mayers@imperial.ac.uk</a>>> wrote:<br>><br>> Peter Micunek wrote:<br>> > A problem is that this proxy know IP address of customer instead of
<br>> > MSISDN and unfortunately cannot use a RADIUS to<br>> > obtain the MSISDN from another source. This proxy is able to use only<br>> > the LDAP request with IP of customer and then<br>
><br>> FreeRadius can't write to (account to) an LDAP directory.<br>><br>> It's a fundamentally bad idea to do lots of writes to LDAP. Most LDAP<br>> servers are heavily read-optimised - not write.
<br>><br>> Can the proxy speak to an SQL server?<br>><br>> If not, you could use an Exec-Program attribute in the "acct_users"<br>> file<br>> to run "ldapmodify"<br>> -
<br>> List info/subscribe/unsubscribe? See<br>> <a href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a><br>><br>><br>><br>> ------------------------------------------------------------------------
<br>><br>> -<br>> List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a><br><br>-<br>List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html">
http://www.freeradius.org/list/users.html</a><br></blockquote></div><br>