RADIUS information in the LDAP directory is protected by a special set of ACLs. These are part of the dsserv.acl.conf file. The extract from this file is shown below.
# Radius ACLs access to attrs=chapPassword,radiusLoginPasswd,radiusPppPasswD,radiusSlipP asswd by self write by * compare access to attrs=sharedKey by self write by * compare
By default, users have write permission on the password and security attributes in their own entry, and read permission on all other attributes. All other users have compare permission on password and security attributes, and read permission on all other attributes.