Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

LDIF File Examples

 

This section explains how to construct LDIF files that, when input to the ldapmodify command, add entries to the Steel-Belted Radius Carrier database.

Note

If the radiusname string contains an equals sign (=), then it must be prefixed with a double backslash (\\) in the LDIF file entry. For example:

dn: radiusname="C\\=SE,O\\=GOOGLE",radiusclass=Native-User,o=radius

Adding RADIUS Clients with LDIF

Adding RADIUS Clients with LDIF

The sample LDIF entry shown in Figure 207 adds a RADIUS client named ANNEX105 to the Steel-Belted Radius Carrier database.

Figure 207: Adding RADIUS Clients
Adding RADIUS Clients

The syntax in this LDIF entry is shown in Figure 208.

Figure 208: LDIF Syntax
LDIF Syntax

Adding Users with LDIF

Adding Users with LDIF

The sample LDIF entry shown in Figure 209 adds a Local (Native) User, named KEVIN to the Steel-Belted Radius Carrier database.

Figure 209: Adding Users
Adding Users

The syntax in this LDIF entry is shown in Figure 210.

Figure 210: LDIF Syntax
LDIF Syntax

The LDIF file shown in Figure 211 add a local (native) user named CHRISTIAN, who has various attribute/value pairs assigned to his check list and return list.

Figure 211: Adding a Native User
Adding a Native User

Check lists and return lists are objects in the LDAP virtual schema, but the individual RADIUS attributes are not. Therefore, you must use a separate LDIF entry for each check list and return list object, but each LDIF entry can name multiple attribute/value pairs.

To indicate that a transaction applies to the user’s check list (rather than to the user entry itself), use the keyword check as the value for radiuslist and objectclass within the transaction. You must assign this value to radiuslist in the distinguished name, and again before the list of attributes. You must also assign the value to objectclass, above the second radiuslist entry.

To indicate the return list, use the keyword reply.

The LDIF syntax to add a user entry, complete with a check list and return list, is shown in Figure 212. The radiusname and radiusclass values for all of the transactions that apply to the same User entry must be the same.

Figure 212: Adding a User with Check List and Return List Attributes
Adding a User with Check List and Return List Attributes

Adding Proxy Targets with LDIF

Adding Proxy Targets with LDIF

The sample LDIF entry shown in Figure 213 adds the proxy RADIUS target BIGCO.COM to the Steel-Belted Radius Carrier database.

Figure 213: Adding Proxy Targets
Adding Proxy Targets

The syntax in this LDIF entry is shown in Figure 214.

Figure 214: LDIF Syntax
LDIF Syntax

Adding Tunnels with LDIF

Adding Tunnels with LDIF

The sample LDIF entry shown in Figure 215 adds the tunnel ACME.COM to the Steel-Belted Radius Carrier database.

Figure 215: Adding Tunnels
Adding Tunnels

The syntax in this LDIF entry is shown in Figure 216.

Figure 216: LDIF Syntax
LDIF Syntax

Adding IP Address Pools with LDIF

Adding IP Address Pools with LDIF

The sample LDIF entry shown in Figure 217 adds an IP address pool named POOL1 to the Steel-Belted Radius Carrier database.

Figure 217: Adding IP Address Pools
Adding IP Address Pools

The syntax in this LDIF entry is shown in Figure 218.

Figure 218: LDIF Syntax
LDIF Syntax

Configuring a RADIUS Server with LDIF

Configuring a RADIUS Server with LDIF

The sample LDIF entry shown in Figure 219 lets you configure your Steel-Belted Radius Carrier server by adding the Native User authentication method and defining conventions for tunnel name parsing.

Figure 219: Adding a RADIUS Server
Adding a RADIUS Server

The syntax in this LDIF entry is shown in Figure 220.

Figure 220: LDIF Syntax
LDIF Syntax