Re: active directory host authentication
Hi,
> I tried something similar i used attr_rewrite to replace the bad parts
> of User-Name with the modified correct values, it, however because i am
> using eap-ttls, i got an eap error
> "rlm_eap: Identity does not match User-Name, setting from EAP Identity.
> rlm_eap: Failed in handler"
ah! you really cannot play with User-Name - as you have found, the client
doesnt like that to be changed. what you want to do is copy User-Name
to Stripped-User-Name and then play with Stripped-User-Name - and
use that in the rest of the stages.
attr_rewrite is the one you want to use - i've just been busy with
some other things - attr_filter was a typo!
alan
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.