>
> I currently have FreeRADIUS set up to authenticate users against Active
> Directory and the local users file. Now I want to use it as the RADIUS
> server for my Extreme network switches. My hope is to be able to use the
> Active Directory accounts to authenticate the users to the switch via
> FreeRADIUS.
>
> After doing some research I see that I need to return the radiusServiceType
> attribute to the Extreme switch. My understanding is that this will have
> to reside in the LDAP schema/database, correct? If this is correct, to
> extend the AD schema, I need an OID for the radiusServiceType attribute
> that needs to be unique. I have been unable to find what the X.500 OID for
> this attribute is. Anyone know this?
From the RADIUS-LDAPv3.schema:

attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.32
     NAME 'radiusServiceType'
     DESC ''
     EQUALITY caseIgnoreIA5Match
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
     SINGLE-VALUE
   )

Or you can use private numbers. Here is a link to a page about extending
schemas with OpenLDAP:
http://www.openldap.org/doc/admin21/schema.html#Extending%20Schema
>
> Is there another way to do this that I am missing? I know I can use the
> users file, but that is not ideal as it is another place that passwords
> have to be managed and I cannot enforce password policies easily this way.
>
> Any guidance would be greatly appreciated.
>
> Thanks,
> Mark Capelle
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>