EAP-TLS - About username sent by supplicant

Fri Dec 14 14:43:54 CET 2007

Alexism a écrit :
> Hello,
>
> I have the same problem but this procedure don't work in my environment
> (FREERADIUS, OpenLDAP, SAMBA).
>
> I have this eap error : rlm_eap: Identity does not match User-Name, setting
> from EAP Identity.
>   rlm_eap: Failed in handler
>
> Can you send me your radiusd.conf ?
>
> Regards
>
>
>
> OLIVER Patrice wrote:
>   
>> Hello,
>>
>> It works, thanks. :)
>>
>> Regards.
>>
>> -----Original Message-----
>> From: A.L.M.Buxey at lboro.ac.uk
>> To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
>> Date: Fri, 14 Dec 2007 09:39:08 +0000
>> Subject: Re: EAP-TLS - About username sent by supplicant
>>
>>     
>>> Hi,
>>>
>>>       
>>>> My question deals with the username sent by the supplicant when the
>>>>         
>>> authentication goes on. At
>>> boot
>>>       
>>>> time, the username sent is : host/user_name. After the login, the
>>>>         
>>> username sent is : user_name.
>>> So, I
>>>       
>>>> have to create 2 users. I want to cut 'host/' to make this task easier.
>>>>         
>>> It is possible ? How do I
>>> do this ?
>>>
>>> attr_filter or somesuch eg put these into radiusd.conf
>>>
>>> attr_rewrite copy-user-name {
>>> attribute = Stripped-User-Name
>>> new_attribute = yes
>>> searchfor = ""
>>> searchin = packet
>>> replacewith = "%{User-Name}"
>>> }
>>>
>>> attr_rewrite remove-host {
>>> attribute = Stripped-User-Name
>>> searchfor = "^(host/.*)"
>>> searchin = packet
>>> new_attribute = no
>>> replacewith = "%{1}"
>>> }
>>>
>>> and then call these 2 functions in your authorize section
>>> (radiusd.conf or sites-enabled/wherever (for FR 2.0) )
>>>
>>>         copy-user-name
>>>         remove-host
>>>
>>> just before the other modules are called - eg chap, auth_log etc etc
>>>
>>> alan
>>> -
>>> List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>>       
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>>     
>
>   
Hello,

It's attached to his mail.
:)

Regards.

-- 
*Hospices Civils de Beaune*
*Patrice OLIVER*
/Chef de Projet Ville Hôpital/
/Responsable Réseau & Sécurité/
BP 104
21203 BEAUNE Cedex 	Tél. 03 80 24 44 09
Fax. 03 80 24 45 90

------------------------------------------------------------------------
Ce message, y compris les pièces jointes, est établi à l'attention 
exclusive de son ou ses destinataires et est confidentiel. Toute 
utilisation non conforme à sa destination, toute diffusion ou 
publication, totale ou partielle, est interdite sauf autorisation 
expresse de l'expéditeur. Si vous n'êtes pas le destinataire de ce 
message, merci d'avertir l'expéditeur de l'erreur de distribution puis 
de le détruire.
Tout message électronique est susceptible d'altération et son intégrité 
ne peut être assurée. L'expéditeur décline toute responsabilité dans 
l'hypothèse où il aurait été modifié ou falsifié.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20071214/c751645c/attachment.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: radiusd.conf
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20071214/c751645c/attachment.ksh>