Tariq Rashid <[EMAIL PROTECTED]> wrote: > there is a difference - the Steel-Belted Radius server documentation > explains it well and allow syou to make the choice:
The documentation allows you to make that choice because the code is implemented in the server. Are you willing to supply patches to the LDAP module, to get the functionality you want? Are you willing to pay someone else to write patches to the LDAP module, to get the functionality you want? If the answer to both questions is "No", then you're stuck. > (1) you connect to the ldap server using the supplied > username/password > if the connection succeeds, the password is valid FreeRADIUS supports this today. > (2) you bind using a standard username/password unrelated to any > users/clients > you then search for records using the User-Name fields and match > a > password field > - from this user record - you can read and act upon other > attributes > such as (filtered? unmetered? tunnel attributes (not all users > are human)) FreeRADIUS supports obtaining user profiles from LDAP. > it is the second which i am currently doign with radiator but would like to > use freeradius. with radiator, the "environment" consisting of the request, > reply, check and ldap attributes are passed to user defined hooks, which can > then use them to delete, modify or add pairs, or do ldap/sql lookups. FreeRADIUS also does this. Have you tried looking at the server source? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
