In looking at the dictionary.juniper file, I notice there are 5 attributes in this file:
ATTRIBUTE Juniper-Local-User-Name 1 string Juniper ATTRIBUTE Juniper-Allow-Commands 2 string Juniper ATTRIBUTE Juniper-Deny-Commands 3 string Juniper ATTRIBUTE Juniper-Allow-Configuration 4 string Juniper ATTRIBUTE Juniper-Deny-Configuration 5 string Juniper With that said, I'm using OpenLDAP to authenticate and would also like to use LDAP to control who has access to which commands within JUNOS. Therefore, can I place these attributes in my OpenLDAP ldif and have radius read them....In doing this, don't these attributes need to be defined within the RADIUS-LDAPv3.schema or some other schema? Is anyone doing this currently to show me where I need to go next? I have searched the web and there is little info on Juniper/Freeradius. Thanks Robert - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html