Understanding dynamic radiusClients in openldap
Dave Macias
davama at gmail.com
Tue Feb 22 20:45:19 UTC 2022
Thank you Alan for the input
Looking at /etc/raddb/mods-enabled/ldap
I see a client section
client {
base_dn = "${..base_dn}"
filter = '(objectClass=radiusClient)'
template {
}
attribute {
ipaddr = 'radiusClientIdentifier'
secret = 'radiusClientSecret'
}
}
Is this relevant to what I'm trying to do?
Im assuming I should update it to something like:
base_dn= "ou=radius,${..base_dn}"
scope = 'sub'
attribute {
hostname = 'radiusClientIdentifier'
secret = 'radiusClientSecret'
shortname = 'radiusClientShortname'
}
Assuming this is relevant, how could I correlate the new attributes
to FreeRADIUS-Client-Blah within my dynamic-clients site?
Thank you
On Tue, Feb 22, 2022 at 2:54 PM Alan DeKok <aland at deployingradius.com>
wrote:
>
> On Feb 22, 2022, at 2:29 PM, Dave Macias <davama at gmail.com> wrote:
> >
> > Arran,
> >
> > i tried your map as so:
>
> "map" isn't in v3. It's only in v4.
>
> v3 has the "sql_map" module, which only works for SQL. It should be
> possible to create an "ldap_map" module to do something similar.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list