[Date Prev][Date Next]
Re: Any Radius servers with "LDAP" backends?
On Mon, Nov 08, 1999 at 04:18:32PM -0800, Subodh Nijsure wrote:
> Has anyone seen Radius server that actually uses ldap server to "fetch"
> username/password and other information typically required by network
> access devices like dial-in routers?
Yes, I'm successfuly using slightly modified version of unofficial LDAP
authentication patch to Cistron radiusd v 1.6.0-stable (now FreeRadius project) using Novell
NDS through LDAP server as backend. Currently I use it only for authentification
(i.e. no Radius specific information is stored in LDAP/NDS) but it can easily be
extended. LDAP patch was developed for Netscape LDAP SDK but works fine with minor
modification with OpenLDAP 2.0-devel libraries.
My todo list:
1) Switch to CVS version of FreeRadius
2) SSL connects (OpenLDAP SSL support in client code seem to lag behind the
server on this)
3) Implement multiple LDAP server support - falling back in case primary LDAP server
NOTE: NDS seems to be very good option as an LDAP backend, because it has
powerful replication possibilities and customizable administrative utilities.
4) Implement fetching some Radius attributes (like Filter-ID)
> Has anyone done this type of system here?
> /Subodh Nijsure
Adrian Pavlykevych email: <firstname.lastname@example.org>
System Administrator phone/fax: +380 (322) 742041
State University "Lvivska Polytechnica"