Understanding dynamic radiusClients in openldap

Dave Macias davama at gmail.com
Thu Feb 3 20:52:48 UTC 2022


Thank you both for the quick responses!!

master vs v3.X noted!

> Object class radiusClient is not defined to allow attribute 'cn'. You
> probably want to combine that with another AUXILIARY object class


Good point!

> I can only guess what 'cn' is supposed to store in your example. An IPv6
> address? Or MAC address?
>

The IPv6 address, since if using flat files for dynamic clients, the file
should be the <ipv6>.conf to my understanding...
So I supposed, since my clients will be defined in LDAP, it should be
cn=<ipv6> because I see this in the dynamic-clients file:
https://github.com/FreeRADIUS/freeradius-server/blob/4f78232d924261dc0374f7532d6475bafe6cc849/raddb/sites-available/dynamic-clients#L199


> Depending on your particular needs combining radiusClient with AUXILIARY
> object class(es) ipHost and/or ieee802Device might be what you're
> looking for. Look at the MUST attributes of those object classes though.
>

I'll give this a try. Appreciate the input!


> Ciao, Michael.
>
> P.S.: A schema-aware LDAP client with decent schema browser might lead
> you more quickly into the right direction. Being the author of
> https://www.web2ldap.de/ I'm biased of course.
>
>
Ha! This is very interesting.

Thank you Alan and Michael again for the input!

I will report back for posterity.

Best,
Dave

