Re: Static IP Address allocation database - Active Directory?
On 10/30/06, duckeo <[EMAIL PROTECTED]> wrote: > > On 10/27/06, Jonathan De Graeve <[EMAIL PROTECTED]> wrote: > > > > Has anyone experimented with using Active Directory as a database for > > > > Static IP Addressing? > > > Yes, just assign a static ip in the AD dial-in properties for that user and adapt the ldap.attrmap accordingly, this works perfectly. There is no need to make a user member of a 'radius_staticip' Group. > > Some digging shows me I have in Active Directory 2003 the ldap attribute "msRadiusFramedIPAddress" corresponding to the entry in the Dial In tab. It's a string in LONGIP format at the moment, hoping I can work with that. Okay it's simpler than I thought. I commented out the replyItem for Framed-IP-Address and changed the last attribute to msRADIUSFramedIPAddress and it works, if the static IP is defined in AD it is returned, else 255.255.255.254 is returned as usual. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Static IP Address allocation database - Active Directory?
> On 10/27/06, Jonathan De Graeve <[EMAIL PROTECTED]> wrote: > > > Has anyone experimented with using Active Directory as a database for > > > Static IP Addressing? > > Yes, just assign a static ip in the AD dial-in properties for that user and adapt the ldap.attrmap accordingly, this works perfectly. There is no need to make a user member of a 'radius_staticip' Group. > Some digging shows me I have in Active Directory 2003 the ldap attribute "msRadiusFramedIPAddress" corresponding to the entry in the Dial In tab. It's a string in LONGIP format at the moment, hoping I can work with that. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Static IP Address allocation database - Active Directory?
On 10/30/06, duckeo <[EMAIL PROTECTED]> wrote: On 10/27/06, Jonathan De Graeve <[EMAIL PROTECTED]> wrote: > > Has anyone experimented with using Active Directory as a database for > > Static IP Addressing? > Yes, just assign a static ip in the AD dial-in properties for that user and adapt the ldap.attrmap accordingly, this works perfectly. There is no need to make a user member of a 'radius_staticip' Group. Okay having trouble getting this working, what attribute needs to be changed? I'm currently just using the users file to check for membership of the group and returning the correct attributes if successful. For the Static IPs I'dl ike the user to have to be a member of the group, and have the "Dial In" tab's Static IP set, and return that IP to them in the attribute. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Static IP Address allocation database - Active Directory?
On 10/27/06, Jonathan De Graeve <[EMAIL PROTECTED]> wrote: > Has anyone experimented with using Active Directory as a database for > Static IP Addressing? Yes, just assign a static ip in the AD dial-in properties for that user and adapt the ldap.attrmap accordingly, this works perfectly. There is no need to make a user member of a 'radius_staticip' Group. Thanks, will give it a try in the morning. I've got that group used as not all users have permission to dial in to the service. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Static IP Address allocation database - Active Directory?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 > Has anyone experimented with using Active Directory as a database for > Static IP Addressing? Yes, just assign a static ip in the AD dial-in properties for that user and adapt the ldap.attrmap accordingly, this works perfectly. There is no need to make a user member of a 'radius_staticip' Group. J. - -- Jonathan De Graeve IMELDA vzw Informatica Dienst Network System Engineer [EMAIL PROTECTED] +32(0)15/50.52.98 -BEGIN PGP SIGNATURE- Version: 9.5.0 (Build 1202) wsBVAwUBRUG6jdjY2X/BrZGJAQgslggAmOMNyQR2lingFOOZas2+tRm2DM7+LgrG A8PNHcGxeMIWhtksMm++/nWwwZgK0PrBXECeX13fJf+mmgt3U1V1oXsD58HUAFJj VW+PW9O8o8ef5Br+03pzrIV0enZ6N4AmUOz42JudO4qPrUdrE7SyKDkz41vu8gSz dhW7SO9nTR7h9r688XqJnQU+w6ZQi2AUTumQ+9rvNn6UMS7AhzoNm0naH5tTp0Ql LUPEMByf4O6e4Ucuqd1SJk+gyeKD+ZsZ93YzmFP8btevLAnIw3VK2lnT0gwcejlD FIlkGc7Rt+DJ9Dznn3BXk19hZxNqnsPBDs1rZOX8nGdo7uLdjHctSQ== =tLiY -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Static IP Address allocation database - Active Directory?
Has anyone experimented with using Active Directory as a database for Static IP Addressing? I have two Radius groups in AD, Radius and Radius_StaticIP. If you are a member of the radius group, you are given a address by the NAS (I return 255.255.255.254 to the NAS). If you are a member of the Radius_StaticIP group I want to allocate an address out from my end, I am looking at perl at the moment but has anyone tried using a custom attribute in ActiveDirectory or similar to manage the addressing? Each account could have it's address defined in it's AD entry, but can FreeRadius look up these attributes and use them as replies? Has anyone gotten static ips to work from the client end? I'm not sure what I need to return to allow the client in a PPP dial-in session to set their own IP address in TCP/IP properties. Any help appreciated. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html