LDAP retrieve additional attributes and map to radius attributes
Workout Yahoo
workoutexcite at yahoo.com
Tue Aug 8 20:20:49 CEST 2006
Can someone please help me out with this issue? Will
really appreciate.
Thanks in advance.
--- Workout Yahoo <workoutexcite at yahoo.com> wrote:
> Hi, Sorry if this question is a repeat but I saw the
> mail archives and not able to find what I am looking
> for.
>
> We are using freeradius to connect to LDAP server.
> I can able to authenticate with the radius sever
> fine.
>
> Now I want to retrieve ldap attribute called
> productId. Depends on the productId, I have to give
> access the users.
>
> If the productId=1234, then all the users will get
> access. If not..no access.
>
> After reading the mail archives and documentation, I
> saw I need to do changes in
> /etc/raddb/dictionary,/etc/raddb/users,
> /etc/raddb/ldap.attrmap
>
> Can you please explain me what is the right config I
> need to modify.
>
> You help is really appreciated.
> Thanks and regards.
>
>
> Here is the radiusd.conf for ldap.
>
> ldap {
>
> server = "testldap.xyz.com"
> identity = "cn=Directory Manager"
> password = 1223
> basedn = "dc=test1213,dc=household,o=internet"
>
>
> filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
> encryption_scheme = crypt
> start_tls = no
> dictionary_mapping = ${raddbdir}/ldap.attrmap
>
> ldap_connections_number = 5
>
> password_attribute = userPassword
> timeout = 4
> timelimit = 3
> net_timeout = 1
>
> #compare_check_items = yes
> #do_xlat = yes
> # access_attr_used_for_allow = yes
>
> }
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam
> protection around
> http://mail.yahoo.com
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the Freeradius-Users
mailing list