Rejected: Realm does not have at least one dot separator
Stefan Paetow
Stefan.Paetow at jisc.ac.uk
Sun May 10 14:20:07 CEST 2015
>I'm struggling with Freeradius since a few days and cannot get forward.
>This
>is the message I get when I execute Freeradius in debug mode:
>
>'Rejected: Realm does not have at least one dot separator'
For this... Are you using a local username, or something like
'bob at localhost'?
Look in /etc/raddb|freeradius/sites-enabled. Open the default or the
inner-tunnel file. By default, there's a policy in the authorize section
of either called 'filter_username'. It checks that your username is in
proper network access identifier (NAI) format, and usually that includes
at least one dot (like 'bob at blah.com'). A username like 'bob at localrealm'
doesn't, so it doesn't comply with the filter and it rejects your request.
Use a proper realm, or disable the filter_username policy in the authorize
section.
As for the rest (ldap and sql issues), see Rui's post :-)
Stefan Paetow
Moonshot Industry & Research Liaison Coordinator
t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: stefanp at jabber.dev.ja.net
skype: stefan.paetow.janet
jisc.ac.uk
Jisc is a registered charity (number 1149740) and a company limited by
guarantee which is registered in England under Company No. 5747339, VAT
No. GB 197 0632 86. JiscĀ¹s registered office is: One Castlepark, Tower
Hill, Bristol, BS2 0JA. T 0203 697 5800.
Jisc Collections and Janet Ltd. is a wholly owned Jisc subsidiary and a
company limited by guarantee which is registered in England under Company
No. number 2881024, VAT No. GB 197 0632 86. The registered office is:
Lumen House, Library Avenue, Harwell, Didcot, Oxfordshire, OX11 0SG. T
01235 822200.
>
More information about the Freeradius-Users
mailing list