This optional parameter allows you to specify precisely how
the fields in the NIS+ table are to be interpreted. If any AuthFieldDef
parameters are specified, EncryptedPasswordField will be completely
ignored, and you will have to define every check and reply item (including
the encrypted password) with an AuthFieldDef entry.
You can specify
as many AuthFieldDef parameters as you like, one for each check and reply
item in the NIS+ table.
You can specify any number of AuthFieldDef
parameters, one for each interesting field in the NIS+ table. The general
format is:
AuthFieldDef fieldname,attributename,type
fieldname is the field in the NIS+ table that
contains the value to check or reply. If fieldname is not present in
the NIS+ table, or is empty for the user, it will not be used.attributename is the name of the radius
attribute to be checked or replied. The special attributename
‘GENERIC’ indicates that it is a list of comma separated attribute=
value pairs, not just a single attributetype indicates whether it is a check or reply
item
Example
The standard NIS+ passwd table contains user name and
encrypted password. You can interface to such a table by having an empty
AuthBy NISPLUS clause:
<AuthBy NISPLUS>
</AuthBy>
Just for illustration purposes, that is exactly
equivalent to the following:
<AuthBy NISPLUS>
Table passwd.org_dir
Query [name=%n]
AuthFieldDef passwd,Encrypted-Password,check
</AuthBy>
Example
You might define a special NIS+ table something like this: the
table called “users” contains user names in the “uname” column, encrypted
password in the “pw” column, and an optional IP address to use in the
“address” column:
<AuthBy NISPLUS>
Table users.org_dir
Query [uname=%n]
AuthFieldDef pw,Encrypted-Password,check
AuthFieldDef address,Framed-IP-Address,reply
</AuthBy>
