Question concerning changing a User-Name

Bryan Graham bryan at cs.tamu.edu
Fri Apr 3 00:55:09 CEST 2009


    I'm using freeradius 2.1.4, hand compiled, and running on Solaris 
10, in a zone.

    I've already got my server authorizing off of ldap and 
authenticating off of kerberos.  What I would like to do is something 
slightly trickier.  I would like to authorize off ldap and then 
authenticate off of kerberos, but using a different username.  
Optimally, this would happen by storing the alternate username in ldap, 
and then setting the username that will be used to authenticate against 
kerberos to this entry.  I don't know if I would have to try to change 
the User-Name field (which I haven't had luck doing via the users file), 
or if there is some way to tell rlm_krb5 "hey, user this username 
instead".  Worst case, I could create a mapping somewhere in a text file 
if needed, but storing the "other" username in ldap would be optimal.

thanks,
Bryan Graham



More information about the Freeradius-Users mailing list