(RADIATOR) CLI auth using LDAP

[deen]

Hi List,   What I am trying to do is, authenticate a user CLI appearing in the RADIUS Auth records, against his telephone number residing in LDAP, rather than username/password. I have seen a sample in the ldap.cfg in the goodies directory and was checking. Following is what I have in my cfg file.   This does not work, and the line drops at authentication. I am using a Cisco AS 5300. Please tell me what I am missing. I have tested the LDAP with normal username/password and it works.   Thanks    Deen   <Realm DEFAULT>         <AuthBy LDAP2>                 Host            localhost                                                                                              Port            389               Version 3                                                                                               AuthDN          cn=Manager,dc=slt,dc=lk                 AuthPassword    xxx                                                                                              # The base DN at which to start the search                 BaseDN          dc=slt,dc=lk #UsernameAttr    uid #PasswordAttr    userPassword   #Framed-Protocol = PPP,\ #Framed-IP-Netmask = 255.255.255.255,\ #Framed-Routing = None,\ #Framed-MTU = 1500,\ #Framed-Compression = Van-Jacobson-TCP-IP ## Old Stuff ##                 # This will check Calling-Station_id against                 # LDAP attribute mobile                 Identifier Check-LDAP-telephoneNumber               #  Identifier telephoneNumber               # Calling-Station-Id is used to search               # instead of UsernameAttr and PasswordAttr                 SearchFilter (telephoneNumber=%{Calling-Station-Id})                 NoDefaultIfFound AddToReply Framed-Protocol =  PPP,\ Service-Type = Framed-User ## Old Stuff ## </AuthBy> etc.