(RADIATOR) CLI auth using LDAP
deen
deen at slt.lk
Sat Sep 13 20:04:27 CDT 2003
Hi List,
What I am trying to do is, authenticate a user CLI appearing in the RADIUS Auth records, against his telephone number residing in LDAP, rather than username/password. I have seen a sample in the ldap.cfg in the goodies directory and was checking. Following is what I have in my cfg file.
This does not work, and the line drops at authentication. I am using a Cisco AS 5300. Please tell me what I am missing. I have tested the LDAP
with normal username/password and it works.
Thanks
Deen
<Realm DEFAULT>
<AuthBy LDAP2>
Host localhost
Port 389
Version 3
AuthDN cn=Manager,dc=slt,dc=lk
AuthPassword xxx
# The base DN at which to start the search
BaseDN dc=slt,dc=lk
#UsernameAttr uid
#PasswordAttr userPassword
#Framed-Protocol = PPP,\
#Framed-IP-Netmask = 255.255.255.255,\
#Framed-Routing = None,\
#Framed-MTU = 1500,\
#Framed-Compression = Van-Jacobson-TCP-IP
## Old Stuff ##
# This will check Calling-Station_id against
# LDAP attribute mobile
Identifier Check-LDAP-telephoneNumber
# Identifier telephoneNumber
# Calling-Station-Id is used to search
# instead of UsernameAttr and PasswordAttr
SearchFilter (telephoneNumber=%{Calling-Station-Id})
NoDefaultIfFound
AddToReply Framed-Protocol = PPP,\
Service-Type = Framed-User
## Old Stuff ##
</AuthBy>
etc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20030913/c3c412ec/attachment.html>
More information about the radiator
mailing list