
<HTML
><HEAD
><TITLE
>LDAP を使った Radius 認証</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.54"><LINK
REL="HOME"
TITLE="LDAP Implementation HOWTO"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="pam_ldap と nss_ldap を使った LDAP 認証"
HREF="pamnss.html"><LINK
REL="NEXT"
TITLE="Samba"
HREF="samba.html"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
><DIV
CLASS="NAVHEADER"
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>LDAP Implementation HOWTO</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="pamnss.html"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="samba.html"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="RADIUS"
>3. LDAP を使った Radius 認証</A
></H1
><P
>Radius サーバは、Radius プロトコルサーバの開設を Un*x
オペレーティングシステムで可能とするデーモンです。これはふつう、
ダイアルアップユーザの認証およびアカウント管理のために使われます。
サーバを利用するには、そのサーバに話しかけることになる
クライアントも適切に設定する必要があります。通常、クライアントは
ターミナルサーバか、またはターミナルサーバをエミュレートする
適切なソフト (PortSlave や radiusclient 等々) のある PC です。
[FreeRadius の FAQ より]</P
><P
>Radius はユーザについての自前のデータベースを持っていますが、
同じ情報が LDAP にも含まれているので、こっちを使う方が便利です!</P
><P
>フリーウェアの Radius サーバは幾つかありますが、
LDAP へのサポートが良いものに FreeRadius というサーバ (<A
HREF="http://www.freeradius.org"
TARGET="_top"
>http://www.freeradius.org</A
>)
があります。これはまだ開発版とはいえ、
LDAP モジュールはうまく動作しています。</P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN365"
>3.1. FreeRadius 版 Radiusd の設定</A
></H2
><P
>サーバをインストールしたなら、
設定ファイルを用いて設定しなくてはなりません。
設定ファイルは <TT
CLASS="FILENAME"
>/etc/raddb</TT
> (または
<TT
CLASS="FILENAME"
>/usr/local/etc/raddb</TT
>) 以下に配置されています。</P
><P
><TT
CLASS="FILENAME"
>radiusd.conf</TT
> の内容は、以下のように
編集してください。</P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>[省略]
# Uncomment this if you want to use ldap (Auth-Type = LDAP)
# Also uncomment it in the authenticate{} block below
# Settings for the ldap module: which directory to query and how to find
# the entry that belongs to the user being authenticated.
        ldap {
                # Directory host to query. Nothing in this stanza requests TLS,
                # so the lookup presumably crosses the network in clear text
                # unless it is protected by an SSL tunnel - confirm.
                server   = ldap.yourorg.com
                # login/password are left commented out, so no bind identity is
                # configured here. NOTE(review): presumably this means an
                # anonymous bind - confirm. If a bind identity is enabled, prefer
                # a dedicated read-only account over the admin DN in this sample
                # and keep this file readable only by the radiusd user.
                #login    = "cn=admin,o=My Org,c=US"
                #password = mypass
                # Subtree that is searched for user entries.
                basedn   = "ou=users,dc=yourorg,dc=com"
                # Matches posixAccount entries whose uid equals %u.
                # NOTE(review): %u is presumably replaced with the user name from
                # the request; confirm that the server escapes LDAP filter
                # metacharacters in it before relying on this filter.
                filter   = "(&#38;(objectclass=posixAccount)(uid=%u))"
        }

[省略]

# Authentication types, Auth-Type = System and PAM for now.
# Lists the modules that may authenticate a request. In this sample pam,
# unix and ldap are active while sql and sql2 stay commented out.
# NOTE(review): keep only the methods that are really in use listed here;
# presumably every listed module is a further way a request can be accepted.
authenticate {
        pam
        unix
#       sql
#       sql2  
# Uncomment this if you want to use ldap (Auth-Type = LDAP)
        ldap
}
[省略]</PRE
></FONT
></TD
></TR
></TABLE
></P
><P
>また、<TT
CLASS="FILENAME"
>dictionary</TT
> ファイルも
以下のように編集してください。</P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>[省略]
#
#       Non-Protocol Integer Translations
#
#       Each VALUE line gives a name to one integer value of the Auth-Type
#       attribute. The last line defines the name LDAP with the value 5;
#       presumably the "Auth-Type = LDAP" entry in the users file depends
#       on this name being defined.
#       NOTE(review): Reject and ActivCard both carry the value 4 in this
#       excerpt. Confirm against the dictionary shipped with your server
#       before copying it, because two names for one value are ambiguous.
#

VALUE           Auth-Type               Local                   0
VALUE           Auth-Type               System                  1
VALUE           Auth-Type               SecurID                 2
VALUE           Auth-Type               Crypt-Local             3
VALUE           Auth-Type               Reject                  4
VALUE           Auth-Type               ActivCard               4
VALUE           Auth-Type               LDAP                    5
[省略]</PRE
></FONT
></TD
></TR
></TABLE
></P
><P
>さらに <TT
CLASS="FILENAME"
>users</TT
> ファイルの
デフォルトの認証方式のエントリを次のようにしてください。</P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>[省略]
# Default entry of the users file: sets Auth-Type to LDAP.
# NOTE(review): presumably this applies to every request that no earlier
# entry has matched, so all such users are checked against the directory,
# and Fall-Through = 1 presumably lets later entries still be processed
# after this one - confirm both against the server documentation.
DEFAULT		Auth-Type = LDAP
		Fall-Through = 1
[省略]</PRE
></FONT
></TD
></TR
></TABLE
></P
><P
>すでに LDAP サーバを Un*x のアカウント管理のために
設定してあれば、これで十分です。</P
><P
>LDAP サーバ上では、Radius サーバがあらゆる posixAccount の
属性 (特に <TT
CLASS="FILENAME"
>uid</TT
> と <TT
CLASS="FILENAME"
>userpassword</TT
>)
を確実に読むことができるようにしておいてください。
ただし userpassword の読み取りは、Radius サーバ専用のバインド DN だけに ACL で許可し、
匿名バインドには許可しないでください。</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN386"
>3.2. Radius 認証のテスト</A
></H2
><P
>サーバをテストするために、次のように
<TT
CLASS="FILENAME"
>radiusd</TT
> をデバッグモードで起動してください。
デバッグ出力には要求の内容 (パスワードを含む場合があります) が表示されるので、
テストのときだけ使用してください。</P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>/usr/local/sbin/radiusd -X -A</PRE
></FONT
></TD
></TR
></TABLE
></P
><P
>それから次のような構文で
<TT
CLASS="FILENAME"
>radtest</TT
> を使います。</P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>radtest ユーザ名 "パスワード" radius.yourorg.com 1 testing123 </PRE
></FONT
></TD
></TR
></TABLE
></P
><P
>すべてうまくいけば、Access-Accept パケットを
その Radius サーバから受信するはずです。
なお、末尾の testing123 は例示用の共有シークレットです。
運用するサーバでは、クライアントごとに推測されにくい値へ変更してください。</P
><P
>クライアントモードで stunnel を使って、
Radius サーバと LDAPS サーバ間の接続に SSL を提供することもできます。
SSL の詳細については <A
HREF="ssl.html"
>Section 10</A
> を参照してください。</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN399"
>3.3. Cisco IOS の設定例</A
></H2
><P
>万全を期するために、ここに Cisco IOS の設定例を書いておきます。
ただ、この例はこの HOWTO の目的とは外れていますので、
あなたの要求には適合していないかもしれません。</P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
>[省略]
! Turn on the AAA model, then use RADIUS for login and PPP authentication
! and for network authorization.
! NOTE(review): the login list names "enable" after radius, which presumably
! lets the enable password be tried when no RADIUS server answers - confirm
! that this fallback is wanted.
aaa new-model
aaa authentication login default radius enable
aaa authentication ppp default radius
aaa authorization network radius
[省略]
! RADIUS server address, reply timeout and the shared secret used with it.
! "cisco" is only a sample secret: replace it with a long random value that
! matches the secret configured for this NAS on the RADIUS server.
radius-server host 192.168.10.1
radius-server timeout 10
radius-server key cisco
[省略]</PRE
></FONT
></TD
></TR
></TABLE
></P
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Note: </B
>ほとんどすべての NAS は Radius に 1645 番のポートを使用します。
確認のうえ、適切にサーバを設定してください。
なお、RFC 2865 が定める公式の認証ポートは 1812 番で、1645 番は旧来の実装で使われてきた値です。</P
></BLOCKQUOTE
></DIV
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="pamnss.html"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="samba.html"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>pam_ldap と nss_ldap を使った LDAP 認証</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Samba</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>