ldap.attrmap   [plain text]

# Mapping of RADIUS dictionary attributes to LDAP directory attributes
# to be used by LDAP authentication and authorization module (rlm_ldap)
# Format:
#   ItemType	RADIUS-Attribute-Name		ldapAttributeName  [operator]
# Where:
#   ItemType              = checkItem or replyItem 
#   RADIUS-Attribute-Name = attribute name in RADIUS dictionary
#   ldapAttributeName     = attribute name in LDAP schema
#   operator              = optional, and may not be present.
#			    If not present, defaults to "==" for checkItems,
#			    and "=" for replyItems.
#			    If present, the operator here should be one
#			    of the same operators as defined in the "users"3
#			    file ("man users", or "man 5 users").
#			    If an operator is present in the value of the
#			    LDAP entry (i.e. ":=foo"), then it over-rides
#			    both the default, and any operator given here.
# If $GENERIC$ is specified as RADIUS-Attribute-Name, the line specifies
# a LDAP attribute which can be used to store any RADIUS 
# attribute/value-pair in LDAP directory.
# You should edit this file to suit it to your needs.

checkItem	$GENERIC$			radiusCheckItem
replyItem	$GENERIC$			radiusReplyItem

checkItem	Auth-Type			radiusAuthType
checkItem	Simultaneous-Use		radiusSimultaneousUse
checkItem	Called-Station-Id		radiusCalledStationId
checkItem	Calling-Station-Id		radiusCallingStationId
checkItem	LM-Password			lmPassword
checkItem	NT-Password			ntPassword
checkItem	LM-Password			sambaLmPassword
checkItem	NT-Password			sambaNtPassword
checkItem	LM-Password			dBCSPwd
checkitem	Password-With-Header		userPassword
checkItem	SMB-Account-CTRL-TEXT		acctFlags
checkItem	Expiration			radiusExpiration
checkItem	NAS-IP-Address			radiusNASIpAddress

replyItem	Service-Type			radiusServiceType
replyItem	Framed-Protocol			radiusFramedProtocol
replyItem	Framed-IP-Address		radiusFramedIPAddress
replyItem	Framed-IP-Netmask		radiusFramedIPNetmask
replyItem	Framed-Route			radiusFramedRoute
replyItem	Framed-Routing			radiusFramedRouting
replyItem	Filter-Id			radiusFilterId
replyItem	Framed-MTU			radiusFramedMTU
replyItem	Framed-Compression		radiusFramedCompression
replyItem	Login-IP-Host			radiusLoginIPHost
replyItem	Login-Service			radiusLoginService
replyItem	Login-TCP-Port			radiusLoginTCPPort
replyItem	Callback-Number			radiusCallbackNumber
replyItem	Callback-Id			radiusCallbackId
replyItem	Framed-IPX-Network		radiusFramedIPXNetwork
replyItem	Class				radiusClass
replyItem	Session-Timeout			radiusSessionTimeout
replyItem	Idle-Timeout			radiusIdleTimeout
replyItem	Termination-Action		radiusTerminationAction
replyItem	Login-LAT-Service		radiusLoginLATService
replyItem	Login-LAT-Node			radiusLoginLATNode
replyItem	Login-LAT-Group			radiusLoginLATGroup
replyItem	Framed-AppleTalk-Link		radiusFramedAppleTalkLink
replyItem	Framed-AppleTalk-Network	radiusFramedAppleTalkNetwork
replyItem	Framed-AppleTalk-Zone		radiusFramedAppleTalkZone
replyItem	Port-Limit			radiusPortLimit
replyItem	Login-LAT-Port			radiusLoginLATPort
replyItem	Reply-Message			radiusReplyMessage
replyItem	Tunnel-Type			radiusTunnelType
replyItem	Tunnel-Medium-Type		radiusTunnelMediumType
replyItem	Tunnel-Private-Group-Id		radiusTunnelPrivateGroupId