Hi,
Here is my problem :
if an user in LDAP have many passwords
(example : Jean Marie DUPOND
passwordCISCO : toto
passwordVPN : titi)
can I indicate to Radius to take a specific password when Radius do
a LDAP's request
Example : if DUPOND want authenticate to a CISCO router, Radius
must be use the attribute containing passwordCISCO
if he want authenticate to a VPN, Radius must be
use the the attribute containing passwordVPN
I tried the directive in radiusd.conf : attribute_password in ldap
module to specify another attribute instead of attribute userPassword
Example : attribute_password = "cn"
But if I want authenticate an user, I receive an ACCESS-REJECT
An idea ??
Here is an answer that I have received :
>You can not do what you want to do. The password is the password. You
can not have multiple passwords un the customer record it just doesn't
work >like that. If you are looking to have multiple passwords or be
able to authenticate to a different device with a different password
then you are >going to need a new entry in LDAP under a different tree
and an entirely different radius server to query it.
It's wrong or right ?
Philippe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
