Yes, that method is working fine.
Thank you very much for your help.
Hariharan R wrote:
Hi all,
I am using FreeRADIUS1.1.1 with Fedora Directory server as a backend
data store.
Let us consider the scenario..
I have two servers, one is a mail server and another one is a proxy
server. Both servers are configured to use RADIUS+FDS for user
authentication. In FDS i have two organizational unit under root domain.
For Ex;
ou=mailusers,dc=example,dc=com
ou=proxyusers,dc=example,dc=com
In the 'raddb/radiusd.conf' file i specified the base domain as
(In LDAP module)
basedn = "dc=example,dc=com"
So whenever a client request comes to the RADIUS server it will look
for the username in FDS.
The problem is, how the RADIUS will identify that whether the request
is comes from the 'mail server' or from the 'proxy server'. Because for
mailserver users i have to look in the "ou=mailusers,dc=example,dc=com"
and for proxy users i have to look in the
"ou=proxyusers,dc=example,dc=com".
Try this:
/etc/raddb/huntgroups:
mail NAS-IP-Address == the.mail.server.ip
proxy NAS-IP-Address == the.proxy.server.ip
/etc/radiusd.conf:
modules {
ldap {
basedn = "ou=%{Huntgroup-Name},dc=example,dc=com"
}
}
How i can change the LDAP basedn according to the request.
Use any string expansion you like, as above.
---
Regards,
Hariharan.R
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
