[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Any Radius servers with "LDAP" backends?
One suggestion for your TODO list:
Create the CHECK_ITEM: LDAPgroup
Ex:
DEFAULT Auth-Type=LDAP, LDAPGroup="cn=Internal"
__REPLY__
Where:
file: ldapserver
basedn="o=veritel.com.br"
basegroupdn="ou=Groups, o=veritel.com.br"
We modified this code to do that.
Adrian Pavlykevych wrote:
>
> On Mon, Nov 08, 1999 at 04:18:32PM -0800, Subodh Nijsure wrote:
> >
> > Has anyone seen Radius server that actually uses ldap server to "fetch"
> > username/password and other information typically required by network
> > access devices like dial-in routers?
>
> Yes, I'm successfuly using slightly modified version of unofficial LDAP
> authentication patch to Cistron radiusd v 1.6.0-stable (now FreeRadius project) using Novell
> NDS through LDAP server as backend. Currently I use it only for authentification
> (i.e. no Radius specific information is stored in LDAP/NDS) but it can easily be
> extended. LDAP patch was developed for Netscape LDAP SDK but works fine with minor
> modification with OpenLDAP 2.0-devel libraries.
>
> URLs:
> FreeRadius: http://www.freeradius.org
>
> My todo list:
> 1) Switch to CVS version of FreeRadius
> 2) SSL connects (OpenLDAP SSL support in client code seem to lag behind the
> server on this)
> 3) Implement multiple LDAP server support - falling back in case primary LDAP server
> failure.
> NOTE: NDS seems to be very good option as an LDAP backend, because it has
> powerful replication possibilities and customizable administrative utilities.
> 4) Implement fetching some Radius attributes (like Filter-ID)
>
> >
> > Has anyone done this type of system here?
> >
> > /Subodh Nijsure
>
> --
> Adrian Pavlykevych email: <pam@polynet.lviv.ua>
> System Administrator phone/fax: +380 (322) 742041
> State University "Lvivska Polytechnica"
--
Christian M. C. Pinheiro
System Administrator - VeritelNet
<pinheiro@veritel.com.br>