problem with NT-Password and LDAP

Ana Gallardo Gómez ana_gallardo_77 at hotmail.com
Tue Jan 2 11:59:10 CET 2007








----------------------------------------
> Date: Thu, 28 Dec 2006 08:44:22 -0800
> From: aland at deployingradius.com
> To: freeradius-users at lists.freeradius.org
> Subject: Re: problem with NT-Password and LDAP
> 
> Ana Gallardo Gómez wrote:
> 
> > Well, I can not modify the LDAP server, I only can use it,
> > so, while I ask the LDAP administrator to modify this atribute,
> > I would like to modify in Freeradius server.
> 
>   OK, use the "perl" module to re-write the attribute.  There is an
> "example.pl" distributed with the server that should be a good start.
> 
>   Alan DeKok.
> --

I'm goint to use the "perl" module, but first, and while I learn to use it, I probed the attr_rewrite module:

	attr_rewrite quitar_espacios {
		attribute = NT-Password
		# may be "packet", "reply", "proxy", "proxy_reply" or "config"
		searchin = config
		searchfor = " "
		replacewith = ""
		ignore_case = no
		new_attribute = no
		max_matches = 220
		## If set to yes then the replace string will be appended to the original string
		append = no
	}

I don't know if I can use regular expressions in "searcfor" field, and, in this case, what is the regular expressions grammar; or if is better with "max_matches = 220 and searchfor = " ""...

I use this module in authorize section:

authorize {
	preprocess
	suffix
	files
	Autz-Type LDAP_LOCAL{
           ldap_local 
        }
	Autz-Type LDAP_UNEX_ES{
           ldap_unex_es
	   quitar_espacios 
        }
	mschap  		
	eap
}


and I can authenticate users:

rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap_unex_es" returns ok for request 7
radius_xlat:  '                                                                                                              '
rlm_attr_rewrite: Changed value for attribute NT-Password from '06B11E3D941021E1A5C51C6868F2F0E6                                                                  ' to '06B11E3D941021E1A5C51C6868F2F0E6'
  modcall[authorize]: module "quitar_espacios" returns ok for request 7
modcall: leaving group LDAP_UNEX_ES (returns ok) for request 7


Thank you
_________________________________________________________________
¡Ya está aquí Windows Live Spaces! Ahora podrás crear fácilmente tu propio sitio Web.
http://spaces.live.com/signup.aspx



More information about the Freeradius-Users mailing list