1 |
#
|
1 |
#
|
2 |
# Mapping of RADIUS dictionary attributes to LDAP directory attributes
|
2 |
# Mapping of RADIUS dictionary attributes to LDAP directory attributes
|
3 |
# to be used by LDAP authentication and authorization module (rlm_ldap)
|
3 |
# to be used by LDAP authentication and authorization module (rlm_ldap)
|
4 |
#
|
4 |
#
|
5 |
# Format:
|
5 |
# Format:
|
6 |
# ItemType RADIUS-Attribute-Name ldapAttributeName [operator]
|
6 |
# ItemType RADIUS-Attribute-Name ldapAttributeName [operator]
|
7 |
#
|
7 |
#
|
8 |
# Where:
|
8 |
# Where:
|
9 |
# ItemType = checkItem or replyItem
|
9 |
# ItemType = checkItem or replyItem
|
10 |
# RADIUS-Attribute-Name = attribute name in RADIUS dictionary
|
10 |
# RADIUS-Attribute-Name = attribute name in RADIUS dictionary
|
11 |
# ldapAttributeName = attribute name in LDAP schema
|
11 |
# ldapAttributeName = attribute name in LDAP schema
|
12 |
# operator = optional, and may not be present.
|
12 |
# operator = optional, and may not be present.
|
13 |
# If not present, defaults to "==" for checkItems,
|
13 |
# If not present, defaults to "==" for checkItems,
|
14 |
# and "=" for replyItems.
|
14 |
# and "=" for replyItems.
|
15 |
# If present, the operator here should be one
|
15 |
# If present, the operator here should be one
|
16 |
# of the same operators as defined in the "users"3
|
16 |
# of the same operators as defined in the "users"3
|
17 |
# file ("man users", or "man 5 users").
|
17 |
# file ("man users", or "man 5 users").
|
18 |
# If an operator is present in the value of the
|
18 |
# If an operator is present in the value of the
|
19 |
# LDAP entry (i.e. ":=foo"), then it over-rides
|
19 |
# LDAP entry (i.e. ":=foo"), then it over-rides
|
20 |
# both the default, and any operator given here.
|
20 |
# both the default, and any operator given here.
|
21 |
#
|
21 |
#
|
22 |
# If $GENERIC$ is specified as RADIUS-Attribute-Name, the line specifies
|
22 |
# If $GENERIC$ is specified as RADIUS-Attribute-Name, the line specifies
|
23 |
# a LDAP attribute which can be used to store any RADIUS
|
23 |
# a LDAP attribute which can be used to store any RADIUS
|
24 |
# attribute/value-pair in LDAP directory.
|
24 |
# attribute/value-pair in LDAP directory.
|
25 |
#
|
25 |
#
|
26 |
# You should edit this file to suit it to your needs.
|
26 |
# You should edit this file to suit it to your needs.
|
27 |
#
|
27 |
#
|
28 |
|
28 |
|
29 |
# Au moins une définition doit être présente pour l'authentification LDAP seule
|
29 |
# Au moins une définition doit être présente pour l'authentification LDAP seule
|
30 |
# ==--> (rajout de uid et commentaire de tout le reste pour laisser le soin à sql radius
|
30 |
# ==--> (rajout de uid et commentaire de tout le reste pour laisser le soin à sql radius
|
31 |
# de gérer les personnalisations de comportement du portail
|
31 |
# de gérer les personnalisations de comportement du portail
|
32 |
checkItem $GENERIC$ uid
|
32 |
checkItem $GENERIC$ uid
|
33 |
#checkItem $GENERIC$ radiusCheckItem
|
33 |
#checkItem $GENERIC$ radiusCheckItem
|
34 |
#replyItem $GENERIC$ radiusReplyItem
|
34 |
#replyItem $GENERIC$ radiusReplyItem
|
35 |
|
35 |
|
36 |
#checkItem Auth-Type radiusAuthType
|
36 |
#checkItem Auth-Type radiusAuthType
|
37 |
#checkItem Simultaneous-Use radiusSimultaneousUse
|
37 |
#checkItem Simultaneous-Use radiusSimultaneousUse
|
38 |
#checkItem Called-Station-Id radiusCalledStationId
|
38 |
#checkItem Called-Station-Id radiusCalledStationId
|
39 |
#checkItem Calling-Station-Id radiusCallingStationId
|
39 |
#checkItem Calling-Station-Id radiusCallingStationId
|
40 |
#checkItem LM-Password lmPassword
|
40 |
#checkItem LM-Password lmPassword
|
41 |
#checkItem NT-Password ntPassword
|
41 |
#checkItem NT-Password ntPassword
|
42 |
#checkItem LM-Password sambaLmPassword
|
42 |
#checkItem LM-Password sambaLmPassword
|
43 |
#checkItem NT-Password sambaNtPassword
|
43 |
#checkItem NT-Password sambaNtPassword
|
44 |
#checkItem LM-Password dBCSPwd
|
44 |
#checkItem LM-Password dBCSPwd
|
45 |
#checkItem SMB-Account-CTRL-TEXT acctFlags
|
45 |
#checkItem SMB-Account-CTRL-TEXT acctFlags
|
46 |
#checkItem SMB-Account-CTRL-TEXT sambaAcctFlags
|
46 |
#checkItem SMB-Account-CTRL-TEXT sambaAcctFlags
|
47 |
#checkItem Expiration radiusExpiration
|
47 |
#checkItem Expiration radiusExpiration
|
48 |
#checkItem NAS-IP-Address radiusNASIpAddress
|
48 |
#checkItem NAS-IP-Address radiusNASIpAddress
|
49 |
#
|
49 |
#
|
50 |
#replyItem Service-Type radiusServiceType
|
50 |
#replyItem Service-Type radiusServiceType
|
51 |
#replyItem Framed-Protocol radiusFramedProtocol
|
51 |
#replyItem Framed-Protocol radiusFramedProtocol
|
52 |
#replyItem Framed-IP-Address radiusFramedIPAddress
|
52 |
#replyItem Framed-IP-Address radiusFramedIPAddress
|
53 |
#replyItem Framed-IP-Netmask radiusFramedIPNetmask
|
53 |
#replyItem Framed-IP-Netmask radiusFramedIPNetmask
|
54 |
#replyItem Framed-Route radiusFramedRoute
|
54 |
#replyItem Framed-Route radiusFramedRoute
|
55 |
#replyItem Framed-Routing radiusFramedRouting
|
55 |
#replyItem Framed-Routing radiusFramedRouting
|
56 |
#replyItem Filter-Id radiusFilterId
|
56 |
#replyItem Filter-Id radiusFilterId
|
57 |
#replyItem Framed-MTU radiusFramedMTU
|
57 |
#replyItem Framed-MTU radiusFramedMTU
|
58 |
#replyItem Framed-Compression radiusFramedCompression
|
58 |
#replyItem Framed-Compression radiusFramedCompression
|
59 |
#replyItem Login-IP-Host radiusLoginIPHost
|
59 |
#replyItem Login-IP-Host radiusLoginIPHost
|
60 |
#replyItem Login-Service radiusLoginService
|
60 |
#replyItem Login-Service radiusLoginService
|
61 |
#replyItem Login-TCP-Port radiusLoginTCPPort
|
61 |
#replyItem Login-TCP-Port radiusLoginTCPPort
|
62 |
#replyItem Callback-Number radiusCallbackNumber
|
62 |
#replyItem Callback-Number radiusCallbackNumber
|
63 |
#replyItem Callback-Id radiusCallbackId
|
63 |
#replyItem Callback-Id radiusCallbackId
|
64 |
#replyItem Framed-IPX-Network radiusFramedIPXNetwork
|
64 |
#replyItem Framed-IPX-Network radiusFramedIPXNetwork
|
65 |
#replyItem Class radiusClass
|
65 |
#replyItem Class radiusClass
|
66 |
#replyItem Session-Timeout radiusSessionTimeout
|
66 |
#replyItem Session-Timeout radiusSessionTimeout
|
67 |
#replyItem Idle-Timeout radiusIdleTimeout
|
67 |
#replyItem Idle-Timeout radiusIdleTimeout
|
68 |
#replyItem Termination-Action radiusTerminationAction
|
68 |
#replyItem Termination-Action radiusTerminationAction
|
69 |
#replyItem Login-LAT-Service radiusLoginLATService
|
69 |
#replyItem Login-LAT-Service radiusLoginLATService
|
70 |
#replyItem Login-LAT-Node radiusLoginLATNode
|
70 |
#replyItem Login-LAT-Node radiusLoginLATNode
|
71 |
#replyItem Login-LAT-Group radiusLoginLATGroup
|
71 |
#replyItem Login-LAT-Group radiusLoginLATGroup
|
72 |
#replyItem Framed-AppleTalk-Link radiusFramedAppleTalkLink
|
72 |
#replyItem Framed-AppleTalk-Link radiusFramedAppleTalkLink
|
73 |
#replyItem Framed-AppleTalk-Network radiusFramedAppleTalkNetwork
|
73 |
#replyItem Framed-AppleTalk-Network radiusFramedAppleTalkNetwork
|
74 |
#replyItem Framed-AppleTalk-Zone radiusFramedAppleTalkZone
|
74 |
#replyItem Framed-AppleTalk-Zone radiusFramedAppleTalkZone
|
75 |
#replyItem Port-Limit radiusPortLimit
|
75 |
#replyItem Port-Limit radiusPortLimit
|
76 |
#replyItem Login-LAT-Port radiusLoginLATPort
|
76 |
#replyItem Login-LAT-Port radiusLoginLATPort
|
77 |
#replyItem Reply-Message radiusReplyMessage
|
77 |
#replyItem Reply-Message radiusReplyMessage
|
78 |
|
78 |
|