[RADIATOR] LDAP authentication, IBM Lotus Domino

Martin Burton mvb at sanger.ac.uk
Mon Nov 8 05:46:06 CST 2010 

Hi Pekka,

We normally do something along the lines of:

...

# Split the LDAP auth into its own clause since it's used in
# many different realms
<AuthBy LDAP2>
        Identifier SangerLDAP
        Host xxxxxx.sanger.ac.uk
        BaseDN ou=xxxxx,dc=sanger,dc=ac,dc=uk
        UsernameAttr uid
        PasswordAttr userPassword
        # Ask the LDAP server to attempt to bind as the user,
	# saves having to maintain auth credentials within this
	# config file.
        ServerChecksPassword
</AuthBy>

# Handle logins to cisco switches.
# The switch details are held in the RADCLIENTLIST
# MYSQL table with a default realm set in there.
<Handler Realm=ciscos.sanger.ac.uk>
	# Strip realm from username
        RewriteUsername      s/^([^@]+).*/$1/
        AuthBy SangerLDAP
</Handler>

...

<Handler Realm=...>
	...
	AuthBy SangerLDAP
	...
</Handler>

...

Hope that helps.

Regards,

Martin.


On 08/11/10 10:53, Pekka.Panula at sofor.fi wrote:
> Hi
> 
> I am new to Radiator and we currently evaluating it. I am trying to use 
> LDAP2 auth from IBM Lotus Domino LDAP-server  (without success yet).
> 
> I am wondering how can i strip realm from username or how to set username, 
> i have a working freeradius conf here:
> 
>  ldap {
>                 server = "1.2.3.4"
>                 port = "399"
>                 basedn = "o=Sparknet"
>                 filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
>                 base_filter = "(objectclass=person)"
>         ... 
>  }
> 
> How is that converted to Radiator?
> 
> Terveisin/Regards,
>    Pekka Panula, Sofor Oy - Jatkuvat palvelut
> 
> 
> 
> 
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator

-- 
Martin Burton
Senior Systems Administrator               \\\|||///
Special Projects Team                     \\  ^ ^  //
Wellcome Trust Sanger Institute            (  6 6  )
-----------------------------------------oOOo-(_)-oOOo---
			          http://www.sanger.ac.uk

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
Url : http://www.open.com.au/pipermail/radiator/attachments/20101108/8a7cd267/attachment.bin

More information about the radiator mailing list