LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 09-06-2006, 10:31 AM   #1
tmolise
LQ Newbie
 
Registered: Sep 2006
Posts: 4

Rep: Reputation: 0
freeRADIUS1.0.1-1 Auth against openLDAP2.0.27-17 ignores LDAP pswd Expire attribute


Hi all,

I am using Red Hat Linux ES3, with freeRADIUS(1.0.1-1.RHEL3 )authenticating dial-up users against openLDAP(2.0.27-17) through Cisco NAS 3745.

The authentication is working fine except that RADIUS IGNORES the expiration attribute in LDAP database.

I am aware that I have to tell RADIUS to include Password expiration in LDAP but I dont know how.

I have done the following in RADIUS directory attributes mapped to LDAP directory attributes /etc/raddb/ldap.attrmap;

ItemType RADIUS-Attribute-Name ldapAttributeName

.....
.....
checkItem Expiration radiusExpiration
.....
....

In my users conf. file /etc/raddb/users I have done the following

.....
DEFAULT Auth-Type = System
Fall-Through = Yes
DEFAULT Auth-Type := LDAP
Fall-Through = Yes
.....

In my radius conf. file /etc.raddb/radiusd.conf I have done the following

ldap {
server = "localhost"
basedn = "dc=example,dc=com"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
start_tls = no

# Mapping of RADIUS dictionary attributes to LDAP
# directory attributes.
dictionary_mapping = ${raddbdir}/ldap.attrmap

ldap_connections_number = 18
timeout = 4
timelimit = 3
net_timeout = 1
compare_check_items = yes
}

How do I configure RADIUS to recognise LDAP expiration attribute?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Enabling LDAP auth for Apache 2.0.55 HSukirman Linux - Software 3 06-07-2006 03:56 AM
Problem with ldap auth Drunkalot Fedora 3 01-29-2006 08:29 PM
Auth via LDAP on eDirectory jtweaker Linux - Networking 1 12-28-2004 08:18 AM
[PROFTPD] LDAP vs basic auth. Creak Linux - Security 1 09-21-2004 07:52 PM
Ldap + smb auth PcHammer Linux - Software 0 02-17-2003 03:19 AM


All times are GMT -5. The time now is 07:06 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration