Peter Micunek wrote: > The proxy cannot speak to an SQL server. Then it's very poor software, and my advice would be to look elsewhere.
> > Do you know some LDAP-SQL proxy which listen on LDAP server port and > convert LDAP request to SQL and vice versa. OpenLDAP will do this, but it's not suitable for your needs (see below) > > Also, I am considering to use: > > NAS ---> FreeRADIUS (rlm_sql_mysql) ---> MySQL DB <---> OpenLDAP with > slapd-sql <---> LDAP client > > what do you think about this? I am not an OpenLDAP expert any more, but the last time I investigated this you could not modify the SQL database "underneath" slapd-sql because of the servers caching. You had to make modifications via LDAP. If you really need FreeRadius accounting to perform an ldapadd/ldapmodify I suggest you use Exec-Program in the "acct_users" file, but be prepared for it to go slowly and break a lot. > > regards, > Peter Micunek > > > On 2/3/07, *Phil Mayers* <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > Peter Micunek wrote: > > A problem is that this proxy know IP address of customer instead of > > MSISDN and unfortunately cannot use a RADIUS to > > obtain the MSISDN from another source. This proxy is able to use only > > the LDAP request with IP of customer and then > > FreeRadius can't write to (account to) an LDAP directory. > > It's a fundamentally bad idea to do lots of writes to LDAP. Most LDAP > servers are heavily read-optimised - not write. > > Can the proxy speak to an SQL server? > > If not, you could use an Exec-Program attribute in the "acct_users" > file > to run "ldapmodify" > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > > ------------------------------------------------------------------------ > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html