]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 505459a)
ldap: Add tacacs client schema
authorArran Cudbard-Bell <a.cudbardb@freeradius.org>
Sat, 20 May 2023 05:35:21 +0000 (01:35 -0400)
committerArran Cudbard-Bell <a.cudbardb@freeradius.org>
Sat, 20 May 2023 05:35:33 +0000 (01:35 -0400)
doc/schemas/ldap/openldap/freeradius-tacacs.ldif [new file with mode: 0644] patch | blob
doc/schemas/ldap/openldap/freeradius-tacacs.schema [new file with mode: 0644] patch | blob
doc/schemas/ldap/openldap/oid_layout.txt patch | blob | blame | history

diff --git a/doc/schemas/ldap/openldap/freeradius-tacacs.ldif b/doc/schemas/ldap/openldap/freeradius-tacacs.ldif
new file mode 100644 (file)
index 0000000..1f93a64
--- /dev/null
+++ b/doc/schemas/ldap/openldap/freeradius-tacacs.ldif
@@ -0,0 +1,6 @@
+dn: cn=freeradius-tacacs,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: freeradius-tacacs
+olcAttributeTypes: ( 1.3.6.1.4.1.11344.4.5.1.1.1 NAME 'tacacsClientSecret' DESC 'Client Secret' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+olcAttributeTypes: ( 1.3.6.1.4.1.11344.4.5.1.1.2 NAME 'tacacsClientSingleConnectionMode' DESC 'Set whether we allow and request single connection mode for this client' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
+olcObjectClasses: ( 1.3.6.1.4.1.11344.4.5.1.2.1 NAME 'tacacsClient' SUP top AUXILIARY MUST tacacsClientSecret MAY tacacsClientSingleConnectionMode )
diff --git a/doc/schemas/ldap/openldap/freeradius-tacacs.schema b/doc/schemas/ldap/openldap/freeradius-tacacs.schema
new file mode 100644 (file)
index 0000000..4b9b586
--- /dev/null
+++ b/doc/schemas/ldap/openldap/freeradius-tacacs.schema
@@ -0,0 +1,32 @@
+#
+# 11344.4.5.1.[1|2]
+# |     | | |   |_ .1 Profile attributes, .2 profile objects
+# |     | | |_ Client
+# |     | |_ RADIUS
+# |     |_ LDAP Attributes
+# |_ Vendor
+#
+attributetype ( 1.3.6.1.4.1.11344.4.5.1.1.1
+       NAME 'tacacsClientSecret'
+       DESC 'Client Secret'
+       EQUALITY caseIgnoreMatch
+       SUBSTR caseIgnoreSubstringsMatch
+       SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+       SINGLE-VALUE
+ )
+
+ attributetype ( 1.3.6.1.4.1.11344.4.5.1.1.2
+       NAME 'tacacsClientSingleConnectionMode'
+       DESC 'Set whether we allow and request single connection mode for this client'
+       EQUALITY booleanMatch
+       SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+       SINGLE-VALUE
+ )
+
+objectclass ( 1.3.6.1.4.1.11344.4.5.1.2.1
+       NAME 'tacacsClient'
+       SUP top
+       AUXILIARY
+       MUST ( tacacsClientSecret )
+       MAY (tacacsClientSingleConnectionMode)
+ )
diff --git a/doc/schemas/ldap/openldap/oid_layout.txt b/doc/schemas/ldap/openldap/oid_layout.txt
index 25816579c652ed39f19af68053b0daef12ee93c0..b7328fe6318ee35b9fe871838efaf6c95f649767 100644 (file)
--- a/doc/schemas/ldap/openldap/oid_layout.txt
+++ b/doc/schemas/ldap/openldap/oid_layout.txt
@@ -14,6 +14,7 @@ For LDAP attributes and Dictionary attributes, the next node indicates protocol
 1.3.6.1.4.1.11344.4.2 - RADIUS
 1.3.6.1.4.1.11344.4.3 - DHCPv4
 1.3.6.1.4.1.11344.4.4 - DHCPv6
+1.3.6.1.4.1.11344.4.5 - TACACS+
 ```
 
 Next we distinguish between the types of object.  There's usually three objects for each protocol
Mirror of https://github.com/FreeRADIUS/freeradius-server.git