Re: ldap and tacacs

[David J N Begley <david@avarice.nepean.uws.edu.au>]

On Wed, 25 Aug 1999, Dave Edick wrote:

> > On a similar note, how about a RADIUS server that backends to LDAP?
> RADIATOR does.  Check out http://www.open.com.au/radiator/

Interesting!  Given that it permits configurable attributes, I wonder how
difficult it would be to make it work with the current draft RADIUS schema for
LDAP:

  To: IETF-Announce: ;
  From: Internet-Drafts@ietf.org
  Subject: I-D ACTION:draft-aboba-radius-04.txt
  Date: Tue, 24 Aug 1999 07:00:21 -0400

  A New Internet-Draft is available from the on-line Internet-Drafts
  directories.

	Title		: Lightweight Directory Access Protocol (v3):  Schema
                          for the Remote Access Dialin User Service (RADIUS)
	Author(s)	: B. Aboba
	Filename	: draft-aboba-radius-04.txt
	Pages		: 26
	Date		: 23-Aug-99

  This document defines a schema for the Remote Access Dialin User Service
  (RADIUS). This schema makes it possible to  integrate  a  RADIUS  server
  with  an  LDAP-based  directory  service,  making  it  possible  for  an
  organization to maintain  a  single  store  of  user  information.  This
  consolidation  is  desirable  since  it  results  in  a reduction in the
  administrative workload, and eliminates the need to  synchronize  across
  multiple user information stores.

  A URL for this Internet-Draft is:
  http://www.ietf.org/internet-drafts/draft-aboba-radius-04.txt

> Our network manager is in love with CiscoSecure for some reason, so I just

Urgh..

Cheers..


dave