LDAP Accounting
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Mon Dec 10 01:33:09 CET 2012
Just pushed up a few patches to add LDAP accounting.
Not well tested, but managed to modify attributes in my test directory.
https://github.com/FreeRADIUS/freeradius-server/commit/8a62cce4a224c03b5b5fe40cc308215c1d1b5c5e
For the moment it doesn't support adding new LDAP objects, just modifying existing ones. If someone really really wants that I could take a look at adding it.
Probably need to do something about the behaviour of post-auth now, suggestions welcome.
Just drop :
#
# Modify user object on receiving Accounting-Request
#
# Useful for recording things like the last time the user logged
# in, or the Acct-Session-ID for CoA/DM.
#
# LDAP modification items are in the format:
# <ldap attr> <op> <value>
#
# Where:
# <ldap attr>: The LDAP attribute to add modify or delete.
# <op>: One of the assignment operators (:=, +=, -=).
# Note: '=' is *not* supported.
# <value>: The value to add modify or delete.
#
accounting {
reference = "%{tolower:type.%{Acct-Status-Type}}"
type {
start {
update {
description := "Online at %S"
}
}
interim-update {
update {
description := "Online at %S"
}
}
stop {
update {
description := "Offline at %S"
}
}
}
}
Into your existing config.
-Arran
More information about the Freeradius-Devel
mailing list