i've previously used radiator as it is simple to modify the check and reply items, especially when the check and reply items depend on some quite convoluted logic (the flowchart is not simple).
having had an initial look at freeradius and the ldap module - i am reaching the conclusion that the standard modules and freeradius are not suited to this task. for simple tasks such as always adding ldap attributes to reply packets then freeradius seems to be fine. there appears to be no easy way to encode any complex decision logic in the configuration files. (for example, is domain is xxx and dialled number is one of a, b, c or d, then get ldap attributes and add to reply. another example could be if ldap attribute exists, then proceed with logic block)... the only sensible location for non-trivial decision logic is in a new module specific to our needs. but would this mean that we have to implement our own calls to ldap within this module, or could we use the existing ldap module to get the relevent attributes and then use these values on our own module? that is ... { call standard ldap module; ... call our module (which uses values retrieved) ... } even my initial look at the ldap module was confusing as the exmaples simpy connect to the ldap server using the supplied usernamer and password. this is not what i want, i want to connect using a standard signle username and use the supplied User-Name to obtain various records... thoughts, comments appreciated tariq - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html