Configuring LDAP for query ONLY...

Nicholas Hall ngharo at gmail.com
Fri Jan 4 18:31:54 CET 2008


On Jan 4, 2008 9:54 AM, Eric Martell <workoutexcite at yahoo.com> wrote:

> Hi Ivan,
>  Actually in the implementation we are going to treat
> on the website zipcode as a password field. we are
> asking people to enter username and zipcode which is
> store in the LDAP Schema.
>
> In the radius, I am going to receive username
> (User-Name) and zipcode ( User-Password). In the ldap
> module do query
> filter =
>
> "(&(uid=%{Stripped-User-Name:-%{User-Name}})(entitlements=WIFILOC1)(zipcode=%{User-Password}))"
>
> and depends on the resultset, give access or reject.
>
> Please let me know if this clear and any other better
> way to handle this in radius.


Couldn't you just map zipcode to the password attribute in ldap.attrmap:

checkItem Cleartext-Password  zipcode

you could then exclude the zipcode condition from your ldap filter as
FreeRADIUS should do the work.
-- 
Nicholas Hall
ngharo at gmail.com
262.208.6271
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080104/55a10f0a/attachment.html>


More information about the Freeradius-Users mailing list