[RADIATOR] Use secret from <ClientListLDAP> in <AuthBy RADIUS>

Tuure Vartiainen vartiait at open.com.au
Fri Oct 20 08:51:04 UTC 2017


Hi,

> On 19 Oct 2017, at 14.22, Johan Wassberg <jocar at su.se> wrote:
> 
> Trying to minimize our configuration and needs of local secrets.
> 
> From my last post on this list, all our client configuration is moved to
> LDAP and works just fine (<ClientListLDAP>).
> 
> Some of our incoming requests are handled with <AuthBy RADIUS> to remote
> servers. The remove servers also act as clients to us and is therefor
> configured in LDAP with a secret.
> 
> Is it possible to somehow use the secret from the client object (in
> LDAP) as a secret when connecting to the remote Radius server?
> 

not really.

There’s AuthBy SQLRADIUS which fetches host information from a database, 
but it doesn’t currently cache hosts. There’s an open feature request 
to implement a caching mechanism for SQLRADIUS and LDAPRADIUS so eventually 
it will be fixed.

http://www.open.com.au/radiator/ref/AuthBySQLRADIUS.html#AuthBySQLRADIUS


BR
-- 
Tuure Vartiainen <vartiait at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.



More information about the radiator mailing list