RE: (RADIATOR) LDAP Attributes

1999-06-03 Thread Ingvar Berg (ERA) 

Have you tried with some invalid attribute values for those users? Like Service-Typ 
"Mail" or an IP address that just sends them to the bit bucket?
 
mvh,
Ingvar

-Original Message-
From: Martin Oelgemoeller [mailto:[EMAIL PROTECTED]]
Sent: den 3 juni 1999 11:32
To: [EMAIL PROTECTED]
Subject: (RADIATOR) LDAP Attributes


We are using Radiator to ask our LDAP-Server to access Customers to our 
Dial-In-Service.
That works fine.
Now we want to ask other Atributes, like one which says, that this user is a 
mail-only-user
and has no dial-in service available.
The Doc and FAQ tells about CheckAttr and ReplyAttr, but the examples are not as exact 
as i want them to be. Has anyone a running config which solves my problem or any hints
about asking Attribues from the LDAP Server ?
 
We are running the lastes Radiator Version 2.13.1 incl. patches on Solaris 2.6 and 
Netscape 
Directory Server on the same machine.
 
Thanks.
 

mfg
Martin Oelgemoeller
--
Martin Oelgemoeller   uni-X Software GmbH
Tel: 49-541-71008-0   Mindener Strasse 127
Fax: 49-541-7100899   D-49084 Osnabrueck
mailto:[EMAIL PROTECTED] http://www.uni-x. 
 net   


===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) LDAP Attributes

1999-06-03 Thread Mike McCauley 

Hi Martin.

This is pretty well what you have to do to define some check items in LDAP:

1. invent a new LDAP attribute to hold check items. Lets call it "checkitems".
2. In your AuthBy LDAP, add this:
CheckAttr   checkitems
which tells LDAP to get check items from an L:DAP attribute called checkitems.
3. For users that need check items, add them to the checkitems attribute in
LDAP like this: Imagine that you want to limit a user to email only, and that
email authentication has a distinctive Service-Type, set the checkitems LDAP
attribute for that user to be:
Service-Type=Authenticate-Only

You can add more check items for the same user by comma-separation:
NAS-IP-Address=1.2.3.4,Service-Type=Authenticate-Only

Hope that helps.

Cheers.

On Jun 3, 11:31am, Martin Oelgemoeller wrote:
> Subject: (RADIATOR) LDAP Attributes
>
> We are using Radiator to ask our LDAP-Server to access Customers to our
Dial-In-Service.
> That works fine.
> Now we want to ask other Atributes, like one which says, that this user is a
mail-only-user
> and has no dial-in service available.
> The Doc and FAQ tells about CheckAttr and ReplyAttr, but the examples are not
as exact
> as i want them to be. Has anyone a running config which solves my problem or
any hints
> about asking Attribues from the LDAP Server ?
>
> We are running the lastes Radiator Version 2.13.1 incl. patches on Solaris
2.6 and Netscape
> Directory Server on the same machine.
>
> Thanks.
> mfg
> Martin Oelgemoeller
> --
> Martin Oelgemoeller   uni-X Software GmbH
> Tel: 49-541-71008-0   Mindener Strasse 127
> Fax: 49-541-7100899   D-49084 Osnabrueck
> mailto:[EMAIL PROTECTED]   http://www.uni-x.net
>
>
> [ Attachment (text/x-html): 2330 bytes
>   Character set: us-ascii ]
>-- End of excerpt from Martin Oelgemoeller



-- 
Mike McCauley   [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985   Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, 
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.