[RADIATOR] nmas methods
L Boerdijk
L.Boerdijk at vechtdalcollege.nl
Fri May 27 02:25:43 CDT 2011
Hi,
I am evaluating the Radiator software for use in our college, and i have a (simple?) question:
We got the radiator software running properly with Edirectory NMAS and Digipass tokens.
The only question i have now is: how can i make use of the default nmas sequence in the edirectory?
I want to be able to switch preferred nmas methods for different users in de edirectory and let radiator automaticly make use of that default method.
I used a modified configuration file from the goodies directory.
This is the config section from the nmas example config:
# If UseNovellNMASSequence is set and ServerChecksPassword is not set
# Radiator will authenticate a PAP password using the named Novell NMAS sequence.
# UseNovellNMASSequence must specify the name of a valid NMAS sequence
# configured in iManager.
# A standard NMAS sequence name is 'NDS'. If you have the Vasco Digipass NMAS support installed
# in eDirectory, you can use Digipass and authenticate Digipass 'Response Only' RO tokens.
# 'Challenge-Response' tokens are not suported by NMAS at present
UseNovellNMASSequence Digipass
# You can override the NMAS sequence to use on a per-user basis by adding an eDir-Auth-Option
# check item. Or you can override with the default NMAS sequcence name from eDirectory
# itself, allowing the preferred sequcence name to be configured in eDirectory.
# If neither UseNovellNMASSequence or eDir-Auth-Option specify the sequnce it falls
# back to 'NDS'
AuthAttrDef sasDefaultLoginSequence,eDir-Auth-Option,check
The second part says something about using the nmas sequence in edirectory.
But i dont understand exactly how i should configure this.
Then i comment-out the UseNovellNMASSequence Digipass line, Radiator still uses the digipass method and
gives a error when starting the daemon: WARNING: No PasswordAttr or EncryptedPasswordAttr defined for AuthLDAP2 at '/etc/radiator/radius.cfg' line
The reason i want this is because not all users of the radius server will have a digipass. Some of them will still use the NDS (password) method.
best regards,
Lars Boerdijk
Vechtdal College
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20110527/d737d0fd/attachment.html
More information about the radiator
mailing list