Re: DialupAdmin/LDAP - General Questions

[Chris Carver]

Mathieu B�nard wrote:
Hello
I'd like to manage my LDAP users with DialupAdmin Radius interface, 
and here come a few questions.

1: It seems that DialupAdmin uses LDAPv2 protocol. Can it possibly use 
LDAPv3 ?
Absolutely.  I'm using it right now.
2: From what I read in the /lib/ldap/create_user.php3:
                       $dn = 'uid=' . $login . ',' . 
$config[ldap_default_new_entry_suffix];
                       $new_user_entry["objectclass"][0]="top";
                       $new_user_entry["objectclass"][1]="person";
                       
$new_user_entry["objectclass"][2]="organizationalPerson";
                       $new_user_entry["objectclass"][3]="inetOrgPerson";
                       $new_user_entry["objectclass"][4]="radiusprofile";

dialupadmin intend to use an old radius LDAP schema instead of 
RADIUS-LDAPv3.schema. It uses "uid=" as mandatory attribute, but with 
RADIUS-LDAPv3.schema, "cn=" is expected.
I don't want to modify the source of dialupadmin, so should I use an 
older radius schema, or modify it by myself ?
I modified my schema to use "cn="  The objectclass radiusprofile is 
constructed as follows:

objectclass
  ( 1.3.6.1.4.1.3317.4.3.2.1
     NAME 'radiusprofile'
     SUP top STRUCTURAL
     DESC ''
     MUST cn
     MAY ( radiusArapFeatures $ radiusArapSecurity $ radiusArapZoneAccess $
           radiusAuthType $ radiusCallbackId $ radiusCallbackNumber $
           radiusCalledStationId $ radiusCallingStationId $ radiusClass $
           radiusClientIPAddress $ radiusFilterId $ 
radiusFramedAppleTalkLink $
           radiusFramedAppleTalkNetwork $ radiusFramedAppleTalkZone $
           radiusFramedCompression $ radiusFramedIPAddress $
           radiusFramedCompression $ radiusFramedIPAddress $
           radiusFramedIPNetmask $ radiusFramedIPXNetwork $
           radiusFramedMTU $ radiusFramedProtocol $
           radiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $
           radiusGroupName $ radiusHint $ radiusHuntgroupName $
           radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $
           radiusLoginLATPort $ radiusLoginLATService $ 
radiusLoginService $
           radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetry $
           radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $
           radiusRealm $ radiusReplicateToRealm $ radiusServiceType $
           radiusSessionTimeout $ radiusStripUserName $
           radiusTerminationAction $ radiusTunnelAssignmentId $
           radiusTunnelClientEndpoint $ radiusIdleTimeout $
           radiusLoginIPHost $ radiusLoginLATGroup $ radiusLoginLATNode $
           radiusLoginLATPort $ radiusLoginLATService $ 
radiusLoginService $
           radiusLoginTCPPort $ radiusPasswordRetry $ radiusPortLimit $
           radiusPrompt $ radiusProfileDn $ radiusServiceType $
           radiusSessionTimeout $ radiusSimultaneousUse $
           radiusTerminationAction $ radiusTunnelAssignmentId $
           radiusTunnelClientEndpoint $ radiusTunnelMediumType $
           radiusTunnelPassword $ radiusTunnelPreference $
           radiusTunnelPrivateGroupId $ radiusTunnelServerEndpoint $
           radiusTunnelType $ radiusUserCategory $ radiusVSA )
     )

I hope that helps.
-Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html