Use alternate LDAP source if EAP message

Vladimir Tue, 01 Mar 2005 10:22:08 -0800

I would like to find out if it is possible to specify a different LDAP source if FreeRADIUS sees an EAP message ie. currently I have an LDAP tree with regular users ie.

cn=users,dc=domain

only root and user can see their UserPassword hashes. I am also creating a subtree for 802.1x devices with clear passwords ie.

cn=dot1x,dc=domain

I have a user ie. onexadmin that has privileges to see UserPasswords in 802.1x subtree. I know I can create two separate LDAP sources ie.

ldap ldap_normal { }
and
ldap ldap_onex { }

How would I now tell FreeRADIUS to use ldap_onex only in the case of an EAP message ? I want to use ldap_normal for everything else.

Thanks,

Vladimir

- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Use alternate LDAP source if EAP message

Reply via email to