We had / have the same problem. Besides radiator, we also have our own radius server (but we're trying to get rid of it, VPN by VPN). The subscribers have an attribute 'radiusProfile' in their object. Whenever the value equals "1" they should have normal access, "0" no access and for instance "2" some different set of attributes: eg. a set of ip-filters.
We forgot about the 2 for now. Somebody suggested to use the PreAuthHook to add an NV pair: add_attribute("radiusProfile", "1") and add another attribute in the directory, radiusCheck. An object now looks like this:
dn: cn=user,...
        radiusProfile = "1"
        radiusCheck = "radiusProfile=1"
The first attribute is still necessary for the other Radius server, and the second to make it work with Radiator. I think it would be a nice feature to be able to check the retrieved attributes in a hook like PostAuthHook, and be able to reject or accept it based on the vlaue (or even better, select a profile at that point.)
But anyway, this mechanisms does the job perfect for us.
- Wilbert
-----Original Message-----
From: Requiem Aurelien (Ext/NTC) <[EMAIL PROTECTED]>
To: Radiator (E-mail) <[EMAIL PROTECTED]>
Date: donderdag 8 juli 1999 16:26
Subject: (RADIATOR) More authentication Attributes


How can i add more authentication attributes
shall i use CheckAttr ?
I need to anthenticate a user via 3 informations
1°) Name
2°) Password
3°) Calling-Station-Id
All of my user are into a ldap server

Thanks a lot to answer me

Recycle your PC, Get Linux...
Recycle your Windows, Get Kde...

Archive at
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to