LDAP retrieve additional attributes and map to radius attributes
Workout Yahoo
workoutexcite at yahoo.com
Mon Aug 7 22:36:05 CEST 2006
Hi, Sorry if this question is a repeat but I saw the
mail archives and not able to find what I am looking
for.
We are using freeradius to connect to LDAP server.
I can able to authenticate with the radius sever fine.
Now I want to retrieve ldap attribute called
productId. Depends on the productId, I have to give
access the users.
If the productId=1234, then all the users will get
access. If not..no access.
After reading the mail archives and documentation, I
saw I need to do changes in
/etc/raddb/dictionary,/etc/raddb/users,
/etc/raddb/ldap.attrmap
Can you please explain me what is the right config I
need to modify.
You help is really appreciated.
Thanks and regards.
Here is the radiusd.conf for ldap.
ldap {
server = "testldap.xyz.com"
###
identity = "cn=Directory Manager"
###
password = 1223
###
basedn =
"dc=test1213,dc=household,o=internet"
filter =
"(uid=%{Stripped-User-Name:-%{User-Name}})"
encryption_scheme = crypt
start_tls = no
dictionary_mapping =
${raddbdir}/ldap.attrmap
ldap_connections_number = 5
password_attribute = userPassword
timeout = 4
timelimit = 3
net_timeout = 1
#compare_check_items = yes
#do_xlat = yes
# access_attr_used_for_allow = yes
###
}
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the Freeradius-Users
mailing list