[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Re[3]: Radius Compatibility

To: <openldap-software@OpenLDAP.org>
Subject: RE: Re[3]: Radius Compatibility
From: "Andrey Nepomnyaschih" <A.Nepomnyaschih@chartpilot.ru>
Date: Fri, 18 Jul 2003 17:59:04 +0400
Importance: Normal
In-reply-to: <466069513.20030718174402@startatom.ru>

Hello,

I'm not sure will it work but I had problems with ADSI and
http://www.freeradius.org/radiusd/doc/RADIUS-LDAPv3.schema file. The
ADSI just was unable to parse schema from subschemaSubentry while there
were null strings descriptions. And cosmetic bugs is that schema uses
OID 1466, while FreeRADIUS project has OID 11344 registered IANA.

Try to add it with ldapadd maybe it will give you more information.

Have a good time,


-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of Alexander
Lunyov
Sent: Friday, July 18, 2003 5:44 PM
To: openldap-software@OpenLDAP.org
Subject: Re[3]: Radius Compatibility


Hello Servidores,

Friday, July 18, 2003, 5:40:53 PM, you wrote:

>> Hello Servidores,
>> SySdI> Im trying to upgrade an openldap server from the 2.0.27 to the

>> SySdI> 2.1.22 version. Obviously, I had have a lot of problems with 
>> SySdI> the schema, but this one is stopping me much time; actually, 
>> SySdI> Im using a file called radius-ldapv3.schema that works 
>> SySdI> perfectly with radius-cistron-1.6.4 and the openldap server , 
>> SySdI> but now (with the openldap 2.1.22) it is not posible to add 
>> SySdI> the entries with the objectClass radiusProfile.
>>

>>   There's schema checking 'on' by default in OpenLDAP 2.1.x, maybe
>>   this is the problem (i mean that with 2.1.x you cannot just add
>>   entry with all objectClasses that you want to). Any way, in
>>   attachment there is my (taken from somewhere, i don't remember)
>>   radius schema and it's working with OpenLDAP 2.1.20 (in this time
i'm
>>   upgrading to .22). And you forgot to say what was the error.

SysSdI>> Hi, thanks for your reply and for the file, but unfortunately 
SysSdI>> it didnt work. I didnt say the error cause I dont know it . Im 
SysSdI>> working with the LDAPBrowser, and there are no error logs when 
SysSdI>> I try to add an entry with radiusProfile as an objectClass, but

SysSdI>> the LDAPbrowser says failed to import. Im gonna show two 
SysSdI>> examples, I CAN add the firs one but I CANT add the second one.

SySdI> Example 1:

SySdI> dn: uid=rescauca,ou=Entidades Adscritas,ou=Usuarios,
SySdI> dc=unicauca,dc=edu,dc=co
SySdI> mailLocalAddress: rescauca@unicauca.edu.co
SySdI> mailLocalAddress: rescauca@ucauca.edu.co
SySdI> givenName: Representacion Estudiantil de la Universidad del
SySdI> objectClass: inetLocalMailRecipient
SySdI> objectClass: person
SySdI> objectClass: organizationalPerson
SySdI> objectClass: inetOrgPerson
SySdI> objectClass: posixAccount
SySdI> objectClass: top
SySdI> objectClass: kerberosSecurityObject
SySdI> objectClass: shadowAccount
SySdI> objectClass: serviciosUnicauca
SySdI> mailRoutingAddress: rescauca@atenea.unicauca.edu.co
SySdI> shadowLastChange: 11990
SySdI> userPassword::
e2NyeXB0fSQxJHNkV1ZiUVNtJGFhdVJKU3dKbkl6cWhRURRLy4=
SySdI> uid: rescauca
SySdI> mail: rescauca@unicauca.edu.co
SySdI> uidNumber: 1487
SySdI> cn: Representacion Estudiantil de la Universidad del Cauca
SySdI> shadowFlag: 134540412
SySdI> loginShell: /bin/tcsh
SySdI> host: atenea.unicauca.edu.co
SySdI> krbName: rescauca@UNICAUCA.EDU.CO
SySdI> gidNumber: 30010
SySdI> gecos: Representacion Estudiantil de la Universidad del Cauca
SySdI> mailHost: atenea.unicauca.edu.co
SySdI> homeDirectory: /home/Adscritas/rescauca
SySdI> sn: Cauca

SySdI> Example 2:

SySdI> dn: uid=martinez,ou=Contratistas,ou=Usuarios, 
SySdI> dc=unicauca,dc=edu,dc=co
SySdI> mailLocalAddress: martinez@unicauca.edu.co
SySdI> mailLocalAddress: martinez@ucauca.edu.co
SySdI> givenName: Jaime Leonardo
SySdI> objectClass: inetLocalMailRecipient
SySdI> objectClass: person
SySdI> objectClass: organizationalPerson
SySdI> objectClass: inetOrgPerson
SySdI> objectClass: posixAccount
SySdI> objectClass: top
SySdI> objectClass: kerberosSecurityObject
SySdI> objectClass: shadowAccount
SySdI> objectClass: radiusProfile
SySdI> objectClass: serviciosUnicauca
SySdI> mailRoutingAddress: martinez@atenea.unicauca.edu.co
SySdI> shadowLastChange: 11949
SySdI> userPassword::
e2NyeXBhTy7JHdrTnBnT2p1JFFMeHkvSlVoQXF0SDhmM2dhT1NKMS4=
SySdI> uid: martinez
SySdI> mail: martinez@unicauca.edu.co
SySdI> uidNumber: 1828
SySdI> cn: Jaime Leonardo Martinez
SySdI> dialupAccess: True
SySdI> loginShell: /bin/tcsh
SySdI> host: atenea.unicauca.edu.co
SySdI> krbName: martinez@UNICAUCA.EDU.CO
SySdI> gidNumber: 30004
SySdI> shadowMax: 99999
SySdI> gecos: Jaime Leonardo Martinez
SySdI> dialupPayment: Especial
SySdI> mailHost: atenea.unicauca.edu.co
SySdI> homeDirectory: /home/Contratistas/martinez
SySdI> sn: Martinez

SySdI> Thanks for your attention.

       Sorry, but i can't just look on these two entry and give you
       answer. I'm not slapd :)

       Try not to use LDAPBrowser, create LDIF file and use ldapadd with
       arg -d -1, or start slapd with -d -1 arg or even more verbosity
       and then try to add something.

-- 
Best regards,
 Alexander                            mailto:lan_mailing@startatom.ru

References:
- Re[3]: Radius Compatibility
  - From: Alexander Lunyov <lan_mailing@startatom.ru>

Prev by Date: SOLVED Re[4]: SASL MD5 - another try
Next by Date: RE: SOLVED Re[4]: SASL MD5 - another try
Index(es):
- Chronological
- Thread