(RADIATOR) Reply items from LDAP, Authentication elsewhere

Hugh Irvine hugh at open.com.au
Tue Apr 9 03:14:44 CDT 2002


Hello Petri -

Yes, you can configure your own SearchFilter in the AuthBy LDAP2 clause, just 
to return the reply attributes, and then use NIS+ for authentication.

Something like this:

# define AuthBy clauses

<AuthBy LDAP2>
	Identifier CheckLDAP
	......
	SearchFilter .....
	......
</AuthBy>

<AuthBy NISPLUS>
	Identifier CheckNISPLUS
	.....
</AuthBy>

# define Realm(s) or Handler(s)

<Realm>
	AuthByPolicy ContinueAlways
	AuthBy CheckLDAP
	AuthBy CheckNISPLUS
	.....
</Realm>

regards

Hugh
	

On Tue, 9 Apr 2002 16:07, petri.maenpaa at verkkotieto.com wrote:
> Hi,
>
> I have a working setup that authenticates against NIS+.
> Now I have a new NAS that has support software which stores
> NAS reply items in LDAP. Problem is that I cannot keep
> up-to-date user/password information in LDAP. So what I'd
> like to do (until I can move all user data to LDAP) is
> to authenticate against NIS+ and still get additional
> per-user reply items from LDAP.
>
> Basically what I'd like to do is to ignore the possible
> Access-Reject from AuthBy LDAP, still get the reply items
> from it and go on authenticating it in some other AuthBy
> clause.
>
> Is this somehow possible?
>
> Thanks in advance,
>
> Petri Maenpaa
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list