Hi, Yes, I did add radiusPortLimit as a replyitem in the ldap.attrmap file. The entry looks like this:
replyItem Port-Limit radiusPortLimit No luck still :-(, Anindya ----- Original Message ----- From: "freeradius mailing list" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, March 13, 2003 10:16 PM Subject: Re: Radius to LDAP mapping.. radius attributes not working fromLDAP > Did you add radiusportlimit to the ldap.attrmap file as a reply item? > > > On Thu, 13 Mar 2003, Das, Anindya Kishore wrote: > > > Hi All, > > > > I have been trying to get Freeradius to authenticate users against the > > entries in my OpenLDAP directory with individual user rights. My setup > > requires that I have a port-limit set up on each user when they register and > > I am trying to get this information passed from the LDAP directory to the > > NAS via FreeRadius. > > > > My ldap() section in radiusd.conf file looks like this... > > > > > > ldap { > > server = "ldap.pacenet-india.com" > > port = "389" > > # identity = "cn=admin,o=My Org,c=UA" > > # password = mypass > > basedn = "ou=users,o=pacenet-india,dc=com" > > filter = "(uid=%u)" > > #filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" > > > > # set this to 'yes' to use TLS encrypted connections > > # to the LDAP database by using the StartTLS extended > > # operation. > > start_tls = no > > # set this to 'yes' to use TLS encrypted connections to the > > # LDAP database by passing the LDAP_OPT_X_TLS_TRY option to > > # the ldap library. > > tls_mode = no > > > > # default_profile = "cn=radprofile,ou=dialup,o=My Org,c=UA" > > # profile_attribute = "radiusProfileDn" > > access_attr = "dialupAccess" > > > > # Mapping of RADIUS dictionary attributes to LDAP > > # directory attributes. > > dictionary_mapping = ${raddbdir}/ldap.attrmap > > > > # ldap_cache_timeout = 120 > > # ldap_cache_size = 0 > > ldap_connections_number = 5 > > # password_header = "{clear}" > > # password_attribute = userPassword > > # groupname_attribute = cn > > # groupmembership_filter = > > "(|(&(objectClass=GroupOfNames)(membe > > r=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-Use > > rDn} > > )))" > > # groupmembership_attribute = radiusGroupName > > timeout = 140 > > timelimit = 30 > > net_timeout = 10 > > # compare_check_items = yes > > # access_attr_used_for_allow = yes > > } > > > > and one of my test user's ldif looks like this > > > > > > dn: uid=akd5,ou=users,o=pacenet-india,dc=com > > > > objectClass: top > > objectClass: account > > objectClass: posixAccount > > objectClass: person > > objectClass: inetOrgPerson > > objectClass: radiusProfile > > dialupAccess: yes > > radiusPortLimit: 40000 > > cn: Anindya > > sn: Das > > gecos: akd5 > > gidNumber: 15 > > mail: [EMAIL PROTECTED] > > loginShell: /bin/sh > > homeDirectory: /home/akd > > uidNumber: 101123 > > userPassword: 123456 > > uid: akd5 > > > > I have added the RADIUS schema for LDAP v3 and all works fine and the user > > gets authenticated and all. The problem is that the "radiusPortLimit" does > > not come into effect. I have tried adding the same information in the users > > file in the standard RADIUS user file format, which works beautifully. > > > > Is there anything I am doing wrong or missing out because of which the > > radius attributes are not being picked up from the directory? I am using the > > following: > > > > 1. FreeRadius version 0.8.1 > > 2. OpenLDAP 2.x (LDAP Ver3) > > > > > > Any help in this regard would be greatly appreciated. > > > > Thanks in advance > > > > Anindya > > > > > > > > > > - > > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html