Hello Carl - Why not just use an AddToReply in the AuthBy clause? Section 6.16.7 in the Radiator 2.18 reference manual. hth Hugh At 14:20 -0400 01/4/2, Carl Litt wrote: >I am trying to configure a DEFAULT user with AuthBy LDAP2. I want to >to authenticate the Access-Request via LDAP2, then retrieve a DEFAULT user >with LDAP2 which contains the necessary reply items. This is on my >way to using account profiles matched by LDAP request items. > >The only problem is that AuthBy LDAP2 always expects to authenticate the >user with a password. The documentation (6.33.9) states that PasswordAttr >or EncryptedPasswordAttr are required in the LDAP configuration. I did >try it without PasswordAttr, but I get an LDAP_PARAM_ERROR. Obviously >this won't let me lookup a DEFAULT user record. I think I remember some >talk of how to do this with other AuthBy methods? > >My question is: How can I use LDAP2 to append profiled (or DEFAULT) >reply items to an Access-Accept? > >Here is what my config looks like right now: > ><AuthBy LDAP2> > # Authenticate the Access-Request from LDAP > # (This all works fine) > Identifier LDAP-login > ... ></AuthBy> > ><AuthBy LDAP2> > # Fetch the DEFAULT user's reply items > Identifier LDAP-DEFAULT > ... > SearchFilter > (&(objectclass=radiusAccount)([EMAIL PROTECTED])) > UsernameAttr mailLocalAddress > AuthAttrDef radiusReplyItem,GENERIC,reply ></AuthBy> > ><AuthBy GROUP> > Identifier genericLDAP > AuthByPolicy ContinueWhileAccept > AuthBy LDAP-login > AuthBy LDAP-DEFAULT ></AuthBy> > >Thanks, > >Carl Litt >Network Administrator >Execulink Internet > > > > >=== >Archive at http://www.starport.net/~radiator/ >Announcements on [EMAIL PROTECTED] >To unsubscribe, email '[EMAIL PROTECTED]' with >'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
