RE: (RADIATOR) Update LDAP dir from Radiator
I'd be very interested in any performance figures for this, when you get it running. I assume that you are going to use the stored IP address to retrieve user info later on? And how many users? Best regards, Ingvar Berg > -Original Message- > From: Paul van der Zwan [mailto:[EMAIL PROTECTED]] > Sent: den 22 juni 1999 17:58 > To: [EMAIL PROTECTED] > Subject: (RADIATOR) Update LDAP dir from Radiator > > > > I have been asked to implement Radiator on a site using an > LDAP server as > a user database. They have some extra requirements: > 1 On succesful login the current time has to be put in an > attribute in the > users entry > 2 While the user has an active session the ip address he was > allocated has > to be available in an attribute in his entry. > > Are these extras possible using a vanilla Radiator or do I > have to modify it ?? > If I need to modify it what would the logical way to > implement the be ?? > > TIA > Paul > > -- > Paul van der Zwan paulz @ trantor.xs4all.nl > "I think I'll move to theory, everything works in theory..." > > > > === > Archive at http://www.thesite.com.au/~radiator/ > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. > === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Update LDAP dir from Radiator
Hi Paul, I must agree with a previous poster on this topic: Putting that data into LDAP is not really what LDAP was designed for. If you really have to do it, you could do it by adding a PostAuthHook, and at least avoid having to change the distributed Radiator code. Hope that helps. Cheers. On Jun 22, 5:58pm, Paul van der Zwan wrote: > Subject: (RADIATOR) Update LDAP dir from Radiator > > I have been asked to implement Radiator on a site using an LDAP server as > a user database. They have some extra requirements: > 1 On succesful login the current time has to be put in an attribute in the > users entry > 2 While the user has an active session the ip address he was allocated has > to be available in an attribute in his entry. > > Are these extras possible using a vanilla Radiator or do I have to modify it ?? > If I need to modify it what would the logical way to implement the be ?? > > TIA > Paul > > -- > Paul van der Zwan paulz @ trantor.xs4all.nl > "I think I'll move to theory, everything works in theory..." > > > > === > Archive at http://www.thesite.com.au/~radiator/ > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. >-- End of excerpt from Paul van der Zwan -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Update LDAP dir from Radiator
> > I have been asked to implement Radiator on a site using an LDAP server as > a user database. They have some extra requirements: > 1 On succesful login the current time has to be put in an attribute in the > users entry > 2 While the user has an active session the ip address he was allocated has > to be available in an attribute in his entry. > > Are these extras possible using a vanilla Radiator or do I have to modify > it ?? If I need to modify it what would the logical way to implement the > be ?? > They are certainly possible doing a postauthhook. This can be done without modification. However please do think this over a second time. LDAP is optimized for reading, not for writing. It's very possible that the updates are not available until a long time after your 'insert' statement. Especially the OpenLDAP server is very slow in updates on the directory. This might defeat the purpose of storing the information. When doing synchronous updates, your authentication process may come top a halt waiting for the updates to be processed. Mind you, the IP and time of authorization are also available in the accounting logs. Maybe you could arrange some other contruction? > > TIA > Paul -- Joost. === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
