3.46.4. AuthFieldDef Previous topic Parent topic Child topic Next topic

This optional parameter allows you to specify precisely how the fields in the NIS+ table are to be interpreted. If any AuthFieldDef parameters are specified, EncryptedPasswordField will be completely ignored, and you will have to define every check and reply item (including the encrypted password) with an AuthFieldDef entry.
You can specify as many AuthFieldDef parameters as you like, one for each check and reply item in the NIS+ table.
You can specify any number of AuthFieldDef parameters, one for each interesting field in the NIS+ table. The general format is:
AuthFieldDef fieldname,attributename,type
  • fieldname is the field in the NIS+ table that contains the value to check or reply. If fieldname is not present in the NIS+ table, or is empty for the user, it will not be used.
  • attributename is the name of the radius attribute to be checked or replied. The special attributename ‘GENERIC’ indicates that it is a list of comma separated attribute= value pairs, not just a single attribute
  • type indicates whether it is a check or reply item

Example

The standard NIS+ passwd table contains user name and encrypted password. You can interface to such a table by having an empty AuthBy NISPLUS clause:
<AuthBy NISPLUS>
</AuthBy>
Just for illustration purposes, that is exactly equivalent to the following:
<AuthBy NISPLUS>
      Table passwd.org_dir
      Query [name=%n]
      AuthFieldDef passwd,Encrypted-Password,check
</AuthBy>

Example

You might define a special NIS+ table something like this: the table called “users” contains user names in the “uname” column, encrypted password in the “pw” column, and an optional IP address to use in the “address” column:
<AuthBy NISPLUS>
      Table users.org_dir
      Query [uname=%n]
      AuthFieldDef pw,Encrypted-Password,check
      AuthFieldDef address,Framed-IP-Address,reply
</AuthBy>