IP-Address assignment - NAS Pool if value is empty in LDAP

Dusty Doris freeradius at mail.doris.cc
Wed Jan 11 16:28:33 CET 2006


>> I am running freeradius-1.0.2-5.5 and need a solution for the following
>> problem:
>>
>> we want to achieve that freeradius sends back an IP-Address if there is
>> one
>> for that user in LDAP. If the value is empty freeradius shouldnt send back
>> an IP-Address and the NAS should choose one from his own ip-pool.
>>

That will work out of the box.

Make sure in ldap.attrmap you have

replyItem	Framed-IP-Address	radiusFramedIPAddress
replyItem	Framed-IP-Netmask	radiusFramedIPNetmask

**You can change those to whatever you store it as in ldap.

Then in the user, you put the IP.

dn: uid=someuser,ou=.....
radiusFramedIPAddress: 1.1.1.1
radiusFramedIPNetmask: 255.255.255.0

Then rlm_ldap, will look for an attribute of radiusFramedIPAddress and 
radiusFramedIPNetmask in ldap.  If it exists, it will send it back in the 
access-accept as a reply item.  If it doesn't exist, it won't send 
anything.

Did you try this yet?  If so and it isn't working for you, please send 
debug output (radiusd -X).






More information about the Freeradius-Users mailing list