projects / freeradius.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
New build path variable
[freeradius.git] / raddb / ldap.attrmap
diff --git a/raddb/ldap.attrmap b/raddb/ldap.attrmap
index 649ca1b..1aa7592 100644 (file)
--- a/raddb/ldap.attrmap
+++ b/raddb/ldap.attrmap
@@ -3,12 +3,21 @@
 # to be used by LDAP authentication and authorization module (rlm_ldap)
 #
 # Format:
-#   ItemType   RADIUS-Attribute-Name           ldapAttributeName
+#   ItemType   RADIUS-Attribute-Name           ldapAttributeName  [operator]
 #
 # Where:
 #   ItemType              = checkItem or replyItem 
 #   RADIUS-Attribute-Name = attribute name in RADIUS dictionary
 #   ldapAttributeName     = attribute name in LDAP schema
+#   operator              = optional, and may not be present.
+#                          If not present, defaults to "==" for checkItems,
+#                          and "=" for replyItems.
+#                          If present, the operator here should be one
+#                          of the same operators as defined in the "users"3
+#                          file ("man users", or "man 5 users").
+#                          If an operator is present in the value of the
+#                          LDAP entry (i.e. ":=foo"), then it over-rides
+#                          both the default, and any operator given here.
 #
 # If $GENERIC$ is specified as RADIUS-Attribute-Name, the line specifies
 # a LDAP attribute which can be used to store any RADIUS 
@@ -21,9 +30,19 @@ checkItem    $GENERIC$                       radiusCheckItem
 replyItem      $GENERIC$                       radiusReplyItem
 
 checkItem      Auth-Type                       radiusAuthType
-checkItem      Simultaneous-Use                npSessionsAllowed
+checkItem      Simultaneous-Use                radiusSimultaneousUse
 checkItem      Called-Station-Id               radiusCalledStationId
 checkItem      Calling-Station-Id              radiusCallingStationId
+checkItem      LM-Password                     lmPassword
+checkItem      NT-Password                     ntPassword
+checkItem      LM-Password                     sambaLmPassword
+checkItem      NT-Password                     sambaNtPassword
+checkItem      LM-Password                     dBCSPwd
+checkitem      Password-With-Header            userPassword
+checkItem      SMB-Account-CTRL-TEXT           acctFlags
+checkItem      Expiration                      radiusExpiration
+checkItem      NAS-IP-Address                  radiusNASIpAddress
+checkItem      Password-With-Header            userPassword
 
 replyItem      Service-Type                    radiusServiceType
 replyItem      Framed-Protocol                 radiusFramedProtocol
@@ -52,6 +71,7 @@ replyItem     Framed-AppleTalk-Network        radiusFramedAppleTalkNetwork
 replyItem      Framed-AppleTalk-Zone           radiusFramedAppleTalkZone
 replyItem      Port-Limit                      radiusPortLimit
 replyItem      Login-LAT-Port                  radiusLoginLATPort
-replyItem      LM-Password                     lmPassword
-replyItem      NT-Password                     ntPassword
-replyItem      SMB-Account-CTRL-TEXT           acctFlags
+replyItem      Reply-Message                   radiusReplyMessage
+replyItem      Tunnel-Type                     radiusTunnelType
+replyItem      Tunnel-Medium-Type              radiusTunnelMediumType
+replyItem      Tunnel-Private-Group-Id         radiusTunnelPrivateGroupId
Unnamed repository; edit this file 'description' to name the repository.