ACLs on RADIUS Information (Sun Directory Services 3.1 Administration Guide)

Sun Directory Services 3.1 Administration Guide

Previous: Configuring Dynamic Accounting
Next: RADIUS-to-LDAP Mapping

ACLs on RADIUS Information

RADIUS information in the LDAP directory is protected by a special set of ACLs. These are part of the dsserv.acl.conf file. The extract from this file is shown below.

# Radius ACLs
access to
attrs=chapPassword,radiusLoginPasswd,radiusPppPasswD,radiusSlipP
asswd
	by self write
	by * compare

access to attrs=sharedKey
	by self write
	by * compare

By default, users have write permission on the password and security attributes in their own entry, and read permission on all other attributes. All other users have compare permission on password and security attributes, and read permission on all other attributes.

Previous: Configuring Dynamic Accounting
Next: RADIUS-to-LDAP Mapping