New LDAP module in "master"

Alan DeKok aland at
Tue Nov 13 21:47:20 CET 2012

Peter Lambrechtsen wrote:
> We use the eDir module within FreeRadius quite heavily so wouldn't want
> to loose that functionality.

  I understand.

> If you have a RHEL (or Centos), SLES or Solaris instance then it's
> pretty straight forward how to test if the eDirectory Universal Password
> functionality is functional or not.  You can easily download eDirectory
> from <> and I can help
> with the few steps required to get a working instance after that.

  I'll see, but I can't make any promises.  I'm busy with other work,
and eDir isn't something I use at all.  Maybe someone else on the list
can help.

  Most of the relevant code is in edir_ldapext.c.  That hasn't changed.
 I *would* want it to be formatted correctly, though.

  And the whole "apc_conns" craziness needs to go away.  There's no need
for it. in the new module.  That should simplify the code.

  The "passwd_attr" code is gone.  It wasn't necessary, and deleting it
simplifies the server.  Instead, the module should have a simple boolean
"edir = yes / no".

  I think in the end the code changes aren't much.  They just require a
bit of time and effort.

  The rest of the LDAP module was changed for performance, simplicity,
and maintainability.  The new code is much better than the old.

  Alan DeKok.

More information about the Freeradius-Devel mailing list