Error: User-Name is not the same as MS-CHAP name
Alan DeKok
aland at deployingradius.com
Mon May 9 20:48:23 CEST 2011
Robert Mc Cready wrote:
> I do not rewrite the User-name attribute I rewrite only the
> Stripped-User-Name attribute with these:
No. Go READ the debug log you posted. The "inner-tunnel" virtual
server gets:
Sending tunneled request
EAP-Message = 0x020800421a0208003d314cc241739d871a4cb33b6338671202 ...
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "CAD08862\\ldapuser"
You then RE-WRITE the User-Name.
Don't do that.
As you were told, re-writing the User-Name for EAP is wrong. Don't do it.
> The User-Name attribute is untouch.
You can believe what you *think* happens. Or you can believe the
debug output of the server.
Alan DeKok.
More information about the Freeradius-Users
mailing list