From 2f70074833769eac35d0e349fac6bb83271bc929 Mon Sep 17 00:00:00 2001
From: Nachtfalke <nachtfalkeaw@web.de>
Date: Tue, 10 Jan 2012 22:23:43 +0100
Subject: Update config/freeradius2/freeradiusmodulesldap.xml

---
 config/freeradius2/freeradiusmodulesldap.xml | 277 ++++++++++++++++++++++++++-
 1 file changed, 271 insertions(+), 6 deletions(-)

(limited to 'config')

diff --git a/config/freeradius2/freeradiusmodulesldap.xml b/config/freeradius2/freeradiusmodulesldap.xml
index 06a990e7..cf7f5b33 100644
--- a/config/freeradius2/freeradiusmodulesldap.xml
+++ b/config/freeradius2/freeradiusmodulesldap.xml
@@ -98,7 +98,7 @@
 	</tabs>
 	<fields>
 		<field>
-			<name>ENABLE LDAP SUPPORT</name>
+			<name>ENABLE LDAP SUPPORT - SERVER 1</name>
 			<type>listtopic</type>
 		</field>		
 		<field>
@@ -106,6 +106,7 @@
 			<fieldname>varmodulesldapenableauthorize</fieldname>
 			<description><![CDATA[This enables LDAP in authorize section. The ldap module will set Auth-Type to LDAP if it has not already been set. (Default: unchecked)]]></description>
 			<type>checkbox</type>
+			<enablefields>varmodulesldap2enableauthenticate,varmodulesldapkeepaliveinterval,varmodulesldapkeepaliveprobes,varmodulesldapkeepaliveidle,varmodulesldapmsadcompatibilityenable,varmodulesldapnettimeout,varmodulesldaptimelimit,varmodulesldaptimeout,varmodulesldapldapconnectionsnumber,varmodulesldapbasefilter,varmodulesldapfilter,varmodulesldapbasedn,varmodulesldappassword,varmodulesldapidentity,varmodulesldapserver,varmodulesldap2enableauthorize,varmodulesldap2enableauthenticate,varmodulesldap2server,varmodulesldap2identity,varmodulesldap2password,varmodulesldap2basedn,varmodulesldap2filter,varmodulesldap2basefilter,varmodulesldap2ldapconnectionsnumber,varmodulesldap2timeout,varmodulesldap2timelimit,varmodulesldap2nettimeout,varmodulesldap2msadcompatibilityenable,varmodulesldap2dmiscenable,varmodulesldap2groupenable,varmodulesldap2keepaliveidle,varmodulesldap2keepaliveprobes,varmodulesldap2keepaliveinterval</enablefields>
 		</field>
 		<field>
 			<fielddescr>Enable LDAP For Authentication</fielddescr>
@@ -114,7 +115,7 @@
 			<type>checkbox</type>
 		</field>
 		<field>
-			<name>GENERAL CONFIGURATION</name>
+			<name>GENERAL CONFIGURATION - SERVER 1</name>
 			<type>listtopic</type>
 		</field>
 		<field>
@@ -198,7 +199,7 @@
 			<default_value>1</default_value>
 		</field>
 		<field>
-			<name>MISCELLANEOUS CONFIGURATION</name>
+			<name>MISCELLANEOUS CONFIGURATION - SERVER 1</name>
 			<type>listtopic</type>
 		</field>
 		<field>
@@ -213,7 +214,7 @@
 					</options>
 		</field>
 		<field>
-			<fielddescr>Enable Misc Configuration</fielddescr>
+			<fielddescr>Enable Misc Configuration - SERVER 1</fielddescr>
 			<fieldname>varmodulesldapdmiscenable</fieldname>
 			<description><![CDATA[By default the below options are not active in the configuration. (Default: unchecked)]]></description>
 			<type>checkbox</type>
@@ -244,7 +245,7 @@
 			<default_value>dialupAccess</default_value>
 		</field>
 		<field>
-			<name>Group Membership Options</name>
+			<name>Group Membership Options - SERVER 1</name>
 			<type>listtopic</type>
 		</field>
 		<field>
@@ -312,7 +313,7 @@
 					</options>
 		</field>
 		<field>
-			<name>KEEPALIVE CONFIGURATION</name>
+			<name>KEEPALIVE CONFIGURATION - SERVER 1</name>
 			<type>listtopic</type>
 		</field>
 		<field>
@@ -339,6 +340,270 @@
 			<size>80</size>
 			<default_value>3</default_value>
 		</field>
+		
+		
+		<field>
+			<name>ENABLE REDUNDANT LDAP SERVER SUPPORT</name>
+			<type>listtopic</type>
+		</field>
+		<field>
+			<fielddescr>Choose Failover/Loadbalancing Mode</fielddescr>
+			<fieldname>varmodulesldap2failover</fieldname>
+			<description><![CDATA[Choose the interaction of the two LDAP servers: (Default: redundant)<br><br>
+								<b>redundant:</b> If server 1 fails failover to server 2<br>
+								<b>load-balance:</b> The load is balanced 50:50 to both servers<br>
+								<b>redundant-load-balance:</b> The load is balanced 50:50 to both servers. If one is down the other does 100%.]]></description>
+			<type>select</type>
+			<default_value>redundant</default_value>
+					<options>
+						<option><name>Redundant</name><value>redundant</value></option>
+						<option><name>Load-Balance</name><value>load-balance</value></option>
+						<option><name>Redundant-Load-Balance</name><value>redundant-load-balance</value></option>
+					</options>
+		</field>
+		<field>
+			<name>ENABLE LDAP SUPPORT - SERVER 2</name>
+			<type>listtopic</type>
+		</field>
+		<field>
+			<fielddescr>Enable LDAP For Authorization</fielddescr>
+			<fieldname>varmodulesldap2enableauthorize</fieldname>
+			<description><![CDATA[This enables LDAP in authorize section. The ldap module will set Auth-Type to LDAP if it has not already been set. (Default: unchecked)]]></description>
+			<type>checkbox</type>
+			<enablefields>varmodulesldap2enableauthenticate,varmodulesldap2server,varmodulesldap2identity,varmodulesldap2password,varmodulesldap2basedn,varmodulesldap2filter,varmodulesldap2basefilter,varmodulesldap2ldapconnectionsnumber,varmodulesldap2timeout,varmodulesldap2timelimit,varmodulesldap2nettimeout,varmodulesldap2msadcompatibilityenable,varmodulesldap2dmiscenable,varmodulesldap2groupenable,varmodulesldap2keepaliveidle,varmodulesldap2keepaliveprobes,varmodulesldap2keepaliveinterval</enablefields>
+		</field>
+		<field>
+			<fielddescr>Enable LDAP For Authentication</fielddescr>
+			<fieldname>varmodulesldap2enableauthenticate</fieldname>
+			<description><![CDATA[This enables LDAP in authenticate section. Note that this means "check plain-text password against the ldap database", which means that EAP won't work, as it does not supply a plain-text password.]]></description>
+			<type>checkbox</type>
+		</field>
+		<field>
+			<name>GENERAL CONFIGURATION - SERVER 2</name>
+			<type>listtopic</type>
+		</field>
+		<field>
+			<fielddescr>Server</fielddescr>
+			<fieldname>varmodulesldap2server</fieldname>
+			<description><![CDATA[No description. (Default: ldap.your.domain )]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value>ldap.your.domain</default_value>
+		</field>
+		<field>
+			<fielddescr>Identity</fielddescr>
+			<fieldname>varmodulesldap2identity</fieldname>
+			<description><![CDATA[No description. (Default: cn=admin,o=My Org,c=UA )]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value><![CDATA[cn=admin,o=My Org,c=UA]]></default_value>
+		</field>
+		<field>
+			<fielddescr>Password</fielddescr>
+			<fieldname>varmodulesldap2password</fieldname>
+			<description><![CDATA[No description. (Default: mypass)]]></description>
+			<type>password</type>
+			<size>80</size>
+			<default_value>mypass</default_value>
+		</field>
+		<field>
+			<fielddescr>Basedn</fielddescr>
+			<fieldname>varmodulesldap2basedn</fieldname>
+			<description><![CDATA[No description (Default: o=My Org,c=UA )]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value><![CDATA[o=My Org,c=UA]]></default_value>
+		</field>
+		<field>
+			<fielddescr>Filter</fielddescr>
+			<fieldname>varmodulesldap2filter</fieldname>
+			<description><![CDATA[No description. (Default:   (uid=%{%{Stripped-User-Name}:-%{User-Name}})   )]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value><![CDATA[(uid=%{%{Stripped-User-Name}:-%{User-Name}})]]></default_value>
+		</field>
+		<field>
+			<fielddescr>Base Filter</fielddescr>
+			<fieldname>varmodulesldap2basefilter</fieldname>
+			<description><![CDATA[No description. (Default:   (objectclass=radiusprofile)   )]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value><![CDATA[(objectclass=radiusprofile)]]></default_value>
+		</field>
+		<field>
+			<fielddescr>LDAP Connections Number</fielddescr>
+			<fieldname>varmodulesldap2ldapconnectionsnumber</fieldname>
+			<description><![CDATA[How many connections to keep open to the LDAP server. This saves time over opening a new LDAP socket for every authentication request. (Default: 5)]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value>5</default_value>
+		</field>
+		<field>
+			<fielddescr>Timeout</fielddescr>
+			<fieldname>varmodulesldap2timeout</fieldname>
+			<description><![CDATA[Seconds to wait for LDAP query to finish. (Default: 4)]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value>4</default_value>
+		</field>
+		<field>
+			<fielddescr>Timelimit</fielddescr>
+			<fieldname>varmodulesldap2timelimit</fieldname>
+			<description><![CDATA[Seconds the LDAP server has to process the query (server-side time limit). (Default: 3)]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value>3</default_value>
+		</field>
+		<field>
+			<fielddescr>Net Timeout</fielddescr>
+			<fieldname>varmodulesldap2nettimeout</fieldname>
+			<description><![CDATA[Seconds to wait for response of the server because of network failures. (Default: 1)]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value>1</default_value>
+		</field>
+		<field>
+			<name>MISCELLANEOUS CONFIGURATION - SERVER 2</name>
+			<type>listtopic</type>
+		</field>
+		<field>
+			<fielddescr>Active Directory Compatibility</fielddescr>
+			<fieldname>varmodulesldap2msadcompatibilityenable</fieldname>
+			<description><![CDATA[If you see the helpful "operations error" being returned to the LDAP module enable this. (Default: Disable)]]></description>
+			<type>select</type>
+			<default_value>Disable</default_value>
+					<options>
+						<option><name>Disable</name><value>Disable</value></option>
+						<option><name>Enable</name><value>Enable</value></option>
+					</options>
+		</field>
+		<field>
+			<fielddescr>Enable Misc Configuration</fielddescr>
+			<fieldname>varmodulesldap2dmiscenable</fieldname>
+			<description><![CDATA[By default the below options are not active in the configuration. (Default: unchecked)]]></description>
+			<type>checkbox</type>
+			<enablefields>varmodulesldap2defaultprofile,varmodulesldap2profileattribute,varmodulesldap2accessattr</enablefields>
+		</field>
+		<field>
+			<fielddescr>Default Profile</fielddescr>
+			<fieldname>varmodulesldap2defaultprofile</fieldname>
+			<description><![CDATA[No description. (Default: cn=radprofile,ou=dialup,o=My Org,c=UA )]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value><![CDATA[cn=radprofile,ou=dialup,o=My Org,c=UA]]></default_value>
+		</field>
+		<field>
+			<fielddescr>Profile Attribute</fielddescr>
+			<fieldname>varmodulesldap2profileattribute</fieldname>
+			<description><![CDATA[No description. (Default: radiusProfileDn)]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value>radiusProfileDn</default_value>
+		</field>
+		<field>
+			<fielddescr>Access Attribute</fielddescr>
+			<fieldname>varmodulesldap2accessattr</fieldname>
+			<description><![CDATA[No description. (Default: dialupAccess)]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value>dialupAccess</default_value>
+		</field>
+		<field>
+			<name>Group Membership Options - SERVER 2</name>
+			<type>listtopic</type>
+		</field>
+		<field>
+			<fielddescr>Enable Group Membership Options</fielddescr>
+			<fieldname>varmodulesldap2groupenable</fieldname>
+			<description><![CDATA[By default the below options are not active in the configuration. (Default: unchecked)]]></description>
+			<type>checkbox</type>
+			<enablefields>varmodulesldap2accessattrusedforallow,varmodulesldap2doxlat,varmodulesldap2comparecheckitems,varmodulesldap2groupmembershipattribute,varmodulesldap2groupmembershipfilter,varmodulesldap2groupnameattribute</enablefields>
+		</field>
+		<field>
+			<fielddescr>Groupname Attribute</fielddescr>
+			<fieldname>varmodulesldap2groupnameattribute</fieldname>
+			<description><![CDATA[No description. (Default: cn)]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value>cn</default_value>
+		</field>
+		<field>
+			<fielddescr>Groupmembership Filter</fielddescr>
+			<fieldname>varmodulesldap2groupmembershipfilter</fieldname>
+			<description><![CDATA[No description. (Default: (|(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{control:Ldap-UserDn})))  )]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value><![CDATA[(|(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{control:Ldap-UserDn})))]]></default_value>
+		</field>
+		<field>
+			<fielddescr>Groupmembership Attribute</fielddescr>
+			<fieldname>varmodulesldap2groupmembershipattribute</fieldname>
+			<description><![CDATA[No description. (Default: radiusGroupName)]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value>radiusGroupName</default_value>
+		</field>
+		<field>
+			<fielddescr>Compare Check Items</fielddescr>
+			<fieldname>varmodulesldap2comparecheckitems</fieldname>
+			<description><![CDATA[No description. (Default: Yes)]]></description>
+			<type>select</type>
+			<default_value>Yes</default_value>
+					<options>
+						<option><name>Yes</name><value>yes</value></option>
+						<option><name>No</name><value>no</value></option>
+					</options>
+		</field>
+		<field>
+			<fielddescr>Do XLAT</fielddescr>
+			<fieldname>varmodulesldap2doxlat</fieldname>
+			<description><![CDATA[No description. (Default: Yes)]]></description>
+			<type>select</type>
+			<default_value>Yes</default_value>
+					<options>
+						<option><name>Yes</name><value>yes</value></option>
+						<option><name>No</name><value>no</value></option>
+					</options>
+		</field>
+		<field>
+			<fielddescr>Access Attribute Used For Allow</fielddescr>
+			<fieldname>varmodulesldap2accessattrusedforallow</fieldname>
+			<description><![CDATA[No description. (Default: Yes)]]></description>
+			<type>select</type>
+			<default_value>Yes</default_value>
+					<options>
+						<option><name>Yes</name><value>yes</value></option>
+						<option><name>No</name><value>no</value></option>
+					</options>
+		</field>
+		<field>
+			<name>KEEPALIVE CONFIGURATION - SERVER 2</name>
+			<type>listtopic</type>
+		</field>
+		<field>
+			<fielddescr>LDAP OPT X KEEPALIVE IDLE</fielddescr>
+			<fieldname>varmodulesldap2keepaliveidle</fieldname>
+			<description><![CDATA[No description. (Default: 60)]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value>60</default_value>
+		</field>
+		<field>
+			<fielddescr>LDAP OPT X KEEPALIVE PROBES</fielddescr>
+			<fieldname>varmodulesldap2keepaliveprobes</fieldname>
+			<description><![CDATA[No description. (Default: 3)]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value>3</default_value>
+		</field>
+		<field>
+			<fielddescr>LDAP OPT X KEEPALIVE INTERVAL</fielddescr>
+			<fieldname>varmodulesldap2keepaliveinterval</fieldname>
+			<description><![CDATA[No description. (Default: 3)]]></description>
+			<type>input</type>
+			<size>80</size>
+			<default_value>3</default_value>
+		</field>
 	</fields>
 	<custom_delete_php_command>
 		freeradius_modulesldap_resync();
-- 
cgit v1.2.3