Re: (RADIATOR) AuthBy LDAP - compare ldap attributes with regex
Hello Benny - On Tue, 10 Oct 2000, Benny Chee wrote: > Hi hugh, > > thks for the promtp reply, i m still having problems getting my ldap >attributes to authenticate with a regular expression. > > > NoDefault > Host192.168.2.2 > AuthDN cn=administrator,ou=members,o=bar > AuthPasswordfoobar > BaseDN o=bar > Port > HoldServerConnection > UsernameAttrcn > PasswordAttruserPassword > > > I have a ldap attribute called servicePlan. > For each realm, we have different servicePlan' ID. > eg: > for realm=60hrs servicePlan=/[13][03569][5-9][0-9]/ > (we have lots of different pricing plans) > > How can i retrieve the serverPlan from the ldap server and compare it against >the regular expression? > I think you will have to write a PostAuthHook to do this. You can assign the ServicePlan value from the LDAP database to a pseudo-attribute with an AuthAttrDef, then process the regexp comparison in the hook. There are some example hooks in the file "goodies/hooks.txt". regards Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) AuthBy LDAP - compare ldap attributes with regex
> -Original Message- > From: Benny Chee [mailto:[EMAIL PROTECTED]] > Sent: den 9 oktober 2000 15:15 > To: [EMAIL PROTECTED] > Subject: (RADIATOR) AuthBy LDAP - compare ldap attributes with regex > > > hi, > --- snip --- > Also, is it possible to put another ldap inside the > same ? > I need to put a backup ldap host in case the host go dead on me. > A better way IMO is to put those two (or several) LDAP servers behind a load balancing switch. /Ingvar === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) AuthBy LDAP - compare ldap attributes with regex
Hi hugh, thks for the promtp reply, i m still having problems getting my ldap attributes to authenticate with a regular expression. NoDefault Host192.168.2.2 AuthDN cn=administrator,ou=members,o=bar AuthPasswordfoobar BaseDN o=bar Port HoldServerConnection UsernameAttrcn PasswordAttruserPassword I have a ldap attribute called servicePlan. For each realm, we have different servicePlan' ID. eg: for realm=60hrs servicePlan=/[13][03569][5-9][0-9]/ (we have lots of different pricing plans) How can i retrieve the serverPlan from the ldap server and compare it against the regular expression? Benny [EMAIL PROTECTED] On Tue, Oct 10, 2000 at 10:08:37AM +1100, Hugh Irvine wrote: | | Hello Benny - | | On Tue, 10 Oct 2000, Benny Chee wrote: | > hi, | > | > Is is possible to accept user based on attributes inside LDAP? | > Also matching of attributes is done using regex. | > | | You can use the AuthAttrDef construct, or you can use the SearchFilter | parameter. | | > For example, i want to match service plan, if it belongs to | > a certain range of numbers, i accept. | > | > Also, is it possible to put another ldap inside the same ? | > I need to put a backup ldap host in case the host go dead on me. | > | | No, but you can set up multiple AuthBy LDAP2 clauses and link them with an | AuthByPolicy: | | | AuthByPolicy ContinueUntilAccept | | . | | | | | | | Have a look at section 6.32 in the Radiator 2.16.3 reference manual. | | hth | | Hugh | | | -- | Radiator: the most portable, flexible and configurable RADIUS server | anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, | Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. | Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) AuthBy LDAP - compare ldap attributes with regex
Hello Benny - On Tue, 10 Oct 2000, Benny Chee wrote: > hi, > > Is is possible to accept user based on attributes inside LDAP? > Also matching of attributes is done using regex. > You can use the AuthAttrDef construct, or you can use the SearchFilter parameter. > For example, i want to match service plan, if it belongs to > a certain range of numbers, i accept. > > Also, is it possible to put another ldap inside the same ? > I need to put a backup ldap host in case the host go dead on me. > No, but you can set up multiple AuthBy LDAP2 clauses and link them with an AuthByPolicy: AuthByPolicy ContinueUntilAccept . Have a look at section 6.32 in the Radiator 2.16.3 reference manual. hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
