[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap users auth to ldap ;)

To: "Peter E. Stoddard" <stoddard@zko.dec.com>
Subject: Re: ldap users auth to ldap ;)
From: Stuart Lynne <sl@fireplug.net>
Date: Wed, 16 Sep 1998 13:24:48 -0700
Cc: openldap-general@openldap.org
In-reply-to: <35FFFC44.DA54FEC9@zko.dec.com>; from Peter E. Stoddard on Wed, Sep 16, 1998 at 01:58:28PM -0400
References: <19980915172150.I4411@puck.nether.net> <Pine.GSO.4.03.9809151718410.7553-100000@orion.ac.hmc.edu> <19980915202722.E8361@puck.nether.net> <35FF1132.11CF46EC@netscape.com> <35FFBDF7.8A81CFF7@zko.dec.com> <19980916103501.D11950@puck.nether.net> <19980916103236.35897@fireplug.net> <35FFFC44.DA54FEC9@zko.dec.com>

> > > >
> > > > You might also take a look at Merit's web site.  They should be
> > > > releasing
> > > > a version of their RADIUS server with an LDAP backend (with full realm
> > > > support in the directory) within a couple of weeks.  I've been working
> > > > with the Merit server and have written an LDAP extension to it.  Not too
> > > > difficult.

Any idea of what schemas they support? 

Can it be configured to use searches with LDAP search URL's or does it
have a fixed idea as to what to expect?

Is it binding as the user to authenticate? Or binding with credentials
to fetch user password information to do checking itself?

I'm *very* interested in hooking radius up to LDAP, but my targe is is a
high volume server and the directory server is likely to be the bottleneck.

Is it doing LDAP operations asynchronously so that it can process other
radius requests while waiting for the directory server to answer? If I
remember correctly the merit radius has two separate models for dealing
with requests to outside servers. One for doing synchronous requests, 
simple to implement, and one for asynchronous, harder to implement, but
more suitable for doing things that might take some time.

Is it able to do "bulk" requests? I.e. if it has several outstanding 
requests make a single request for information that will return information
for all of them.

Is it able to use a backup directory server if its primary directory
server is unavailable?

Is it able to alternate requests across a couple of directory servers
to increase performance?

-- 
Stuart Lynne <sl@fireplug.net>      604-461-7532      <http://www.fireplug.net>
PGP Fingerprint: 28 E2 A0 15 99 62 9A 00  88 EC A3 EE 2D 1C 15 68

References:
- ldap users auth to ldap ;)
  - From: Jared Mauch <jared@puck.nether.net>
- Re: ldap users auth to ldap ;)
  - From: Michael Thomas Cope <mcope@orion.ac.hmc.edu>
- Re: ldap users auth to ldap ;)
  - From: Jared Mauch <jared@puck.nether.net>
- Re: ldap users auth to ldap ;)
  - From: John Kristian <kristian@netscape.com>
- Re: ldap users auth to ldap ;)
  - From: "Peter E. Stoddard" <stoddard@zko.dec.com>
- Re: ldap users auth to ldap ;)
  - From: Jared Mauch <jared@puck.nether.net>
- Re: ldap users auth to ldap ;)
  - From: Stuart Lynne <sl@fireplug.net>
- Re: ldap users auth to ldap ;)
  - From: "Peter E. Stoddard" <stoddard@zko.dec.com>

Prev by Date: Re: ldap users auth to ldap ;)
Next by Date: RE: ldap users auth to ldap ;)
Index(es):
- Chronological
- Thread