forked from infra/ansible
77 lines
3.1 KiB
Plaintext
77 lines
3.1 KiB
Plaintext
|
#
|
||
|
# Mapping of RADIUS dictionary attributes to LDAP directory attributes
|
||
|
# to be used by LDAP authentication and authorization module (rlm_ldap)
|
||
|
#
|
||
|
# Format:
|
||
|
# ItemType RADIUS-Attribute-Name ldapAttributeName [operator]
|
||
|
#
|
||
|
# Where:
|
||
|
# ItemType = checkItem or replyItem
|
||
|
# RADIUS-Attribute-Name = attribute name in RADIUS dictionary
|
||
|
# ldapAttributeName = attribute name in LDAP schema
|
||
|
# operator = optional, and may not be present.
|
||
|
# If not present, defaults to "==" for checkItems,
|
||
|
# and "=" for replyItems.
|
||
|
# If present, the operator here should be one
|
||
|
# of the same operators as defined in the "users"3
|
||
|
# file ("man users", or "man 5 users").
|
||
|
# If an operator is present in the value of the
|
||
|
# LDAP entry (i.e. ":=foo"), then it over-rides
|
||
|
# both the default, and any operator given here.
|
||
|
#
|
||
|
# If $GENERIC$ is specified as RADIUS-Attribute-Name, the line specifies
|
||
|
# a LDAP attribute which can be used to store any RADIUS
|
||
|
# attribute/value-pair in LDAP directory.
|
||
|
#
|
||
|
# You should edit this file to suit it to your needs.
|
||
|
#
|
||
|
|
||
|
checkItem $GENERIC$ radiusCheckItem
|
||
|
replyItem $GENERIC$ radiusReplyItem
|
||
|
|
||
|
checkItem Auth-Type radiusAuthType
|
||
|
checkItem Simultaneous-Use radiusSimultaneousUse
|
||
|
checkItem Called-Station-Id radiusCalledStationId
|
||
|
checkItem Calling-Station-Id radiusCallingStationId
|
||
|
checkItem LM-Password lmPassword
|
||
|
checkItem NT-Password ntPassword
|
||
|
checkItem LM-Password sambaLmPassword
|
||
|
checkItem NT-Password sambaNtPassword
|
||
|
checkItem LM-Password dBCSPwd
|
||
|
checkitem Password-With-Header userPassword
|
||
|
checkItem SMB-Account-CTRL-TEXT acctFlags
|
||
|
checkItem Expiration radiusExpiration
|
||
|
checkItem NAS-IP-Address radiusNASIpAddress
|
||
|
|
||
|
replyItem Service-Type radiusServiceType
|
||
|
replyItem Framed-Protocol radiusFramedProtocol
|
||
|
replyItem Framed-IP-Address radiusFramedIPAddress
|
||
|
replyItem Framed-IP-Netmask radiusFramedIPNetmask
|
||
|
replyItem Framed-Route radiusFramedRoute
|
||
|
replyItem Framed-Routing radiusFramedRouting
|
||
|
replyItem Filter-Id radiusFilterId
|
||
|
replyItem Framed-MTU radiusFramedMTU
|
||
|
replyItem Framed-Compression radiusFramedCompression
|
||
|
replyItem Login-IP-Host radiusLoginIPHost
|
||
|
replyItem Login-Service radiusLoginService
|
||
|
replyItem Login-TCP-Port radiusLoginTCPPort
|
||
|
replyItem Callback-Number radiusCallbackNumber
|
||
|
replyItem Callback-Id radiusCallbackId
|
||
|
replyItem Framed-IPX-Network radiusFramedIPXNetwork
|
||
|
replyItem Class radiusClass
|
||
|
replyItem Session-Timeout radiusSessionTimeout
|
||
|
replyItem Idle-Timeout radiusIdleTimeout
|
||
|
replyItem Termination-Action radiusTerminationAction
|
||
|
replyItem Login-LAT-Service radiusLoginLATService
|
||
|
replyItem Login-LAT-Node radiusLoginLATNode
|
||
|
replyItem Login-LAT-Group radiusLoginLATGroup
|
||
|
replyItem Framed-AppleTalk-Link radiusFramedAppleTalkLink
|
||
|
replyItem Framed-AppleTalk-Network radiusFramedAppleTalkNetwork
|
||
|
replyItem Framed-AppleTalk-Zone radiusFramedAppleTalkZone
|
||
|
replyItem Port-Limit radiusPortLimit
|
||
|
replyItem Login-LAT-Port radiusLoginLATPort
|
||
|
replyItem Reply-Message radiusReplyMessage
|
||
|
replyItem Tunnel-Type radiusTunnelType
|
||
|
replyItem Tunnel-Medium-Type radiusTunnelMediumType
|
||
|
replyItem Tunnel-Private-Group-Id radiusTunnelPrivateGroupId
|