New User and AD Question
McNutt, Justin M.
McNuttJ at missouri.edu
Tue Mar 1 02:29:46 CET 2011
> > # BOL, "host", a slash, one or more non-dot characters, a dot,
> > # one or more non-whitespace chars, EOL.
> > if ( User-Name =~ /^host\/([^\.])+\.(\S+)$/i ) {
> switch "%{2}" {
> case 'my-domain-string-1' {
> update control {
> Proxy-To-Realm := 'my-domain-1'
> }
> }
> case 'my-domain-string-2' {
> update control {
> Proxy-To-Realm := 'my-domain-1'
> }
> }
> case 'my-domain-string-3' {
> update control {
> Proxy-To-Realm := 'my-domain-2'
> }
> }
> case {
> # Domain not recognised
> }
> }
> > }
I took this code and modified it, assuming that if the code I wrote before (which tries to use "COL.MISSOURI.EDU" as the realm) doesn't work, I can use the code above to take FOO.MISSOURI.EDU and proxy to the NT domain FOO-USERS, which is more than just massaging the User-Name field. The switch statement will be necessary to translate the AD domain into the correct NT domain.
"radiusd -XC" likes it. Hopefully, I'll be able to tell if one or both of these schemes works fairly early tomorrow.
Thanks!
--J
More information about the Freeradius-Users
mailing list