[EMAIL PROTECTED] a écrit :
My radius server is used to authenticate users from differents relams
(lets say 8) against one ldap server.
My ldap server has 8 different basedn which holds users from the realms.
I want to use unlang to configure radiusd to use a specific ldap module
configuration based on the realm of the user connected to the wireless
network.
Can I use unlang with (switch %{Realm}statement) to do so ?
Yes. If you can put %{Realm} into your basedn configuration line you
might not need to.
Ivan Kalik
Kalik informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks Ivan. but i can not put Realm variable in my basedn configuration
line.
I use unlang, here is my configuration radiusd.conf:
modules {
..............
ldap
switch "%{Realm}" {
case dr4.cnrs.fr {
server = "ldapauth.cnrs-gif.fr"
identity = "uid=Manager,ou=people,dc=dr4,dc=cnrs,dc=fr"
password = xxxxx
basedn = "ou=people,dc=dr4,dc=cnrs,dc=fr"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
base_filter = "(objectclass=radiusprofile)"
.....
}
case lsce.ipsl.fr {
server = "ldapauth.cnrs-gif.fr"
identity = "uid=Manager,ou=people,dc=lsce,dc=ipsl,dc=fr"
password = regif2
basedn = "ou=people,dc=lsce,dc=ipsl,dc=fr"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
base_filter = "(objectclass=radiusprofile)"
........
}
case {
server = "ldapauth.cnrs-gif.fr"
identity = "uid=Manager,ou=people,dc=dr4,dc=cnrs,dc=fr"
password = regif2
basedn = "ou=people,dc=dr4,dc=cnrs,dc=fr"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
base_filter = "(objectclass=radiusprofile)"
...........
}
authorize {
......
ldap
......
}
But when I restarted radiusd, it shows errors initializing modules -ldap-
What am I doing wrong ?
thanks for any clues.
--
Mustapha BOUIKHIF
Service Systèmes d'Information
CNRS - DR4
tel: +33 1 69 82 33 97
fax: +33 1 69 82 33 39
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
