Adding a ldap.attrb Dialuppassword to radius-ldap.schema
Kostas Kalevras
kkalev at noc.ntua.gr
Fri Jul 20 12:19:42 CEST 2007
O/H Jóhann B. Guðmundsson έγραψε:
> RHEL5/FreeRadius freeradius-1.1.3-1.2.el5/Fedora Directory server.
>
> Scenario...
>
> Currently trying to move all our dial up user entry's from users file to
> ldap ( FDS )
> and need to add an attribute in radius ldap schema which would contain
> clear text password
> of the dial in password for the dial up users and match the dial in
> password to that password
> instead of users login password.
>
> What needs to be done to make this possible if it is possible?
>
> ( user are already authenticated through ldap except for their adsl
> dial in passwords
> which are in clear text and even if the passwords weren't in clear text
> and they could
> use there login password to login the user ain't smart enough and or
> technology challenge ( or at least majority of them )
> to know if they change they're login password they needed to change it
> in the adsl router as well )
>
> Schema changes?
> Dictionary changes
> ldap.attrmap changes
> ldap changes in radiusd.conf? ( password_attribute already mapped to
> userPassword in the ldap section )
>
> Best regards
> Johann B.
>
>
You need to add the new attribute in the schema (add it in the user
entries) and add it in the password* configuration directives of the
ldap module. I don't think you need to touch the dictionaries or
ldap.attrmap.
After that, configure the pap module and you should be set.
--
Kostas Kalevras - Network Operations Center
National Technical University of Athens
http://kkalev.wordpress.com
More information about the Freeradius-Users
mailing list