LDAP RADIUS Translation

Warning

Mideye Server 5 is no longer updated, and new installations are not supported. Only existing Mideye Server 5 installations and upgrades are supported. Please use Mideye Server 6 for new installations and continued support.

To further extend the functionality of RADIUS, LDAP-RADIUS Translation can be used to assign specific users or group permissions from LDAP when logging in using a VPN-concentrator.

Make sure that LDAP-RADIUS Translation is enabled in the LDAP-profile. Navigate to "Configuration" and "LDAP-RADIUS Translation".

Press "Create a new LDAP-RADIUS translation rule", and define a new rule corresponding to a specific group name attribute in the LDAP repository (see screenshot below). In the field "LDAP Value", enter the full Distinguished Name of the group. Note that it is important that the exact group name is specified – the translation is both case and blank-space sensitive.

To make sure the correct DN is written, from ADUC, open the attribute editor of the group and simply copy the value and paste it into the "LDAP Attribute Value" field in Mideye Server. Wildcard/Java Regular Expressions, e,g. CN=Mideye-administrators.* are supported

In the RADIUS Attribute Type, select the desired attribute, and add a suitable RADIUS Value for the group and click "Save". To know what attribute that should be used and how to configure it, consult the manufacturer of the VPN concentrator.