On Wed, 24 Oct 2001, Toth Zoltan wrote:
> Hi
>
> would you send me an example, here is my users file.
>
> my ldap server is running on novell
>
radiusd.conf:
[...]
ldap {
server = "your.ldap.server"
identity = "cn=Directory Manager"
password = "XXXXXXX"
basedn = "o=company,c=com"
filter = "(uid=%u)"
#default_profile = "uid=default-dialup,o=company,c=com"
#access_group = "cn=clients,ou=dialup,o=My Org,c=US"
#access_attr = "dialupAccess"
profile_attribute = "dialupRegularProfile"
dictionary_mapping = ${raddbdir}/ldap.attrmap
timeout = 4
timelimit = 3
net_timeout = 1
ldap_debug = 0x0000
}
[...]
authorize {
othermodule1
othermodule2
ldap
}
ldap.attrmap:
[...]
replyItem Framed-IP-Address radiusFramedIPAddress
replyItem Framed-IP-Netmask radiusFramedIPNetmask
replyItem Framed-Route radiusFramedRoute
add the radiusprofile objectclass to your ldap server schema. Normally, it
can be done by ldapmodifies to the cn=schema, but check your documentation.
add a user entry to the ldap with the following extra attributes:
objectClass: radiusprofile
radiusFramedIPAddress: 111.111.111.111
^^^^^^^^^^^^^
your address here
Run radiusd in debug mode (radiusd -X) and see what it does.
--
kkalev
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
