[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Any Radius servers with "LDAP" backends?

On Mon, Nov 08, 1999 at 04:18:32PM -0800, Subodh Nijsure wrote:
> Has anyone seen Radius server that actually uses ldap server to "fetch" 
> username/password and other information typically required by network 
> access devices like dial-in routers?

Yes, I'm successfuly using slightly modified version of unofficial LDAP 
authentication patch to Cistron radiusd v 1.6.0-stable  (now FreeRadius project) using Novell 
NDS through LDAP server as backend. Currently I use it only for authentification 
(i.e. no Radius specific information is stored in LDAP/NDS) but it can easily be 
extended. LDAP patch was developed for Netscape LDAP SDK but works fine with minor 
modification with OpenLDAP 2.0-devel libraries.

FreeRadius: http://www.freeradius.org

My todo list:
1) Switch to CVS version of FreeRadius
2) SSL connects (OpenLDAP SSL support in client code seem to lag behind the 
server on this)
3) Implement multiple LDAP server support - falling back in case primary LDAP server 
NOTE: NDS seems to be very good option as an LDAP backend, because it has 
powerful replication possibilities and customizable administrative utilities.
4) Implement fetching some Radius attributes (like Filter-ID)
> Has anyone done this type of system here?
> /Subodh Nijsure

Adrian Pavlykevych 			email: 		<pam@polynet.lviv.ua>
System Administrator			phone/fax:	+380 (322) 742041
State University "Lvivska Polytechnica"