On Mon, 31 Mar 2003, Benjamin Smith wrote: > Dear all, > > I'm using (and loving!) FreeRadius on LDAP. We had a bit of a situation last > w/e where we had to merge another ISP's user base into our LDAP setup, and > both companies are using the same dialup numbers. > > I setup a different ou in LDAP to keep the two companies, changed the rootdn > in freeradius, and set up an "or" for the filter, and it works! > > Now for the kicker question: How to do accounting for these? We might have > user "bob" from our isp, and user "bob" from the other isp, and either would > be seen in the logs as simply "bob". Is there any way to account for this > apparent duplicity in freeradius, say by prepending a string for the user > name on the way out to the log? > > It seems we should be able to change the following line: > Mon Mar 31 12:11:50 2003 : Auth: Login OK: [rcondon] (from client ##.###.0.128 > port 22423 cli 5308732113) > > to: > Mon Mar 31 12:11:50 2003 : Auth: Login OK: [isp1_rcondon] (from client > ##.###.0.128 port 22423 cli 5308732113) > > or: > Mon Mar 31 12:11:50 2003 : Auth: Login OK: [isp2_rcondon] (from client > ##.###.0.128 port 22423 cli 5308732113)
Well you want to do accounting so changing the username during authentication won't help that much. What I would suggest is to return a different class attribute based on the user ou to the access server. Then in the accounting section you can assign different realms based on the class attribute passed back by the NAS. Or use attr_rewrite to rewrite the username. Try just assigning ou to the Class attribute in ldap.attrmap and see what happens. > > where "isp1" or "isp2" comes from the ou: field in LDAP. > > Can this be done in a config file, or would this require a tweak to sources > and recompile? > > -Ben > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
