ldap backend and Realm
tnt at kalik.net
tnt at kalik.net
Mon Nov 17 13:23:36 CET 2008
>I use unlang, here is my configuration radiusd.conf:
>
>modules {
>
>...............
>
>ldap
> switch "%{Realm}" {
> case dr4.cnrs.fr {
1. What version is this? Unlang works onl y in 2.x? ldap is not in
radiusd.conf in that version any more.
2. unlang works in server not module configuration files. Create a
temporary attribute to store basedn in raddb/dictionary file (lets say a
string My-BaseDN). Than do this just before ldap in authorize:
switch "%{Realm}" {
case "dr4.cnrs.fr" {
update control {
My-BaseDN = "ou=people,dc=dr4,dc=cnrs,dc=fr"
}
}
case ...
}
In ldap module configuration:
ldap {
server = "ldapauth.cnrs-gif.fr"
identity = "uid=Manager,%{control:My-BaseDN}"
password = whatever
basedn = "%{control:My-BaseDN}"
..
}
If password also changes you will need another temp attribute (lets say
My-Password) to update with My-BaseDN and to replace for "whatever".
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list