<div>Hi, does my own ip - pools needs to be added to post-auth and to accounting section?<br><br>Thanks!<br><br>D.<br><br></div>
<div class="gmail_quote">2008/4/6 Ivan Kalik <<a href="mailto:tnt@kalik.net">tnt@kalik.net</a>>:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">ldap looks fine to me, but I don't use it.<br>
<div>
<div></div>
<div class="Wj3C7c"><br>Ivan Kalik<br>Kalik Informatika ISP<br><br><br>Dana 6/4/2008, "David Hláčik" <david@hlacik.eu> piše:<br><br>>Thanks Ivan!,<br>><br>>can i understand it like that my group structure in LDAP is okay, and there<br>
>is only need to add those to users file and it will work?<br>><br>>D.<br>><br>>2008/4/5 Ivan Kalik <<a href="mailto:tnt@kalik.net">tnt@kalik.net</a>>:<br>><br>>> DEFAULT Ldap-Group == "GroupLetters", Pool-Name := letters<br>
>><br>>> DEFAULT Ldap-Group == "GroupNumbers", Pool-Name := numbers<br>>><br>>> Ivan Kalik<br>>> Kalik Informatika ISP<br>>><br>>><br>>> Dana 5/4/2008, "David Hláčik" <david@hlacik.eu> piše:<br>
>><br>>> >Hi,<br>>> ><br>>> >i will describe what i am trying to achieve.<br>>> ><br>>> >This is my sample ldap structure<br>>> ><br>>> >users (inetOrgPerson) :<br>
>> ><br>>> ><br>>> >cn=User1,ou=Users,o=Polarion<br>>> >cn=User2,ou=Users,o=Polarion<br>>> >cn=UserA,ou=Users,o=Polarion<br>>> >cn=UserB,ou=Users,o=Polariong<br>>> >groups (GroupOfNames)<br>
>> ><br>>> >cn=GroupNumbers,ou=Groups,o=Polarion<br>>> > member=cn=User1,ou=Users,o=Polarion<br>>> > member=cn=User2,ou=Users,o=Polarion<br>>> ><br>>> > cn=GroupLetters,ou=Groups,o=Polarion<br>
>> > member=cn=UserA,ou=Users,o=Polarion<br>>> > member=cn=UserB,ou=Users,o=Polarion<br>>> ><br>>> >I want to be able to assign different poll-name per group<br>>> ><br>
>> >for GroupNumbers Pool-Name number<br>>> >for GroupLetters Pool-Name letters<br>>> ><br>>> >How can i achieve this without adding any attribute to user entry? (users<br>>> >have access to their dn, so they will be able to change it - this is what<br>
>> i<br>>> >want to block! , i know i can set readonly access in slapd.conf, but this<br>>> is<br>>> >not what i want)<br>>> ><br>>> >1) One scenario i was thinking of is to add in radius to users file :<br>
>> ><br>>> >DEFAULT Pool-Name == numbers, Ldap-Group<br>>> >== cn=GroupNumbers,ou=Groups,o=Polarion<br>>> > Fall-Through = no<br>>> ><br>>> >DEFAULT NAS-Port-Type == letters, Ldap-Group ==<br>
>> >cn=GroupLetters,ou=Groups,o=Polarion<br>>> > Fall-Through = no<br>>> ><br>>> >But what i need to add to ldap - configuration part in order to make it<br>>> >work?<br>>> ><br>
>> >Thanks very very much for help!<br>>> ><br>>> >Regards,<br>>> ><br>>> >David<br>>> >On Wed, Apr 2, 2008 at 12:13 PM, Ivan Kalik <<a href="mailto:tnt@kalik.net">tnt@kalik.net</a>> wrote:<br>
>> ><br>>> >> >So if i understand clear a i need to name and configure ip pool parts<br>>> in<br>>> >> >radius.conf and than use this name as a Pool-Name in LDAp P?<br>>> >><br>
>> >> Yes.<br>>> >><br>>> >> >Is there a<br>>> >> >chance to specify range directly in LDAP and not in ip pool?<br>>> >> ><br>>> >><br>>> >> No, but there is sqlippool. Or use DHCP on your NAS. Or define IP pools<br>
>> >> on the NAS and select them with Framed-Pool if your NAS supports it.<br>>> >> Cisco doesn't but you can set IP pool with avpairs.<br>>> >><br>>> >> Ivan Kalik<br>>> >> Kalik Informatika ISP<br>
>> >><br>>> >> -<br>>> >> List info/subscribe/unsubscribe? See<br>>> >> <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
>> >><br>>> ><br>>> ><br>>><br>>> -<br>>> List info/subscribe/unsubscribe? See<br>>> <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
>><br>><br><br>-<br>List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br></div></div></blockquote></div><br>