Hello all. I know this subject has came up many times on this list before but I'm still having problems.<br><br>According to what I've read the HINTS file is the best place to do this. Here is relevant portions of my config running CVS from 2007-08-01. It's my understanding that with Strip-User-Name = Yes, FreeRADIUS will rewrite the User-Name attribute without the domain specified. Any tips would be greatly appreciated.
<br><br>HINTS<br>----------------------------------------------------------------------------------------<br>DEFAULT Suffix == "@<a href="http://alexssa.net">alexssa.net</a>", Strip-User-Name = Yes<br><br>radiusd.conf
<br>----------------------------------------------------------------------------------------<br clear="all">preprocess {<br> hints = ${confdir}/hints<br>}<br><br>Below is debug output<br>----------------------------------------------------------------------------------------
<br>FreeRADIUS Version 2.0.0-pre2, for host i686-pc-linux-gnu, built on Aug 1 2007 at 10:03:50<br>Copyright (C) 2000-2007 The FreeRADIUS server project.<br>There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
<br>PARTICULAR PURPOSE.<br>You may redistribute copies of FreeRADIUS under the terms of the<br>GNU General Public License.<br>Config: including file: /usr/local/etc/raddb/radiusd.conf<br>Config: including file: /usr/local/etc/raddb/clients.conf
<br>Config: including file: /usr/local/etc/raddb/sql.conf<br>Config: including file: /usr/local/etc/raddb/sql/mysql/dialup.conf<br>Config: including files in directory: /usr/local/etc/raddb/sites-enabled/<br>Config: including file: /usr/local/etc/raddb/sites-enabled/default
<br>Starting - reading configuration files ...<br>read_config_files: reading dictionary<br>main {<br> prefix = "/usr/local"<br> localstatedir = "/usr/local/var"<br> logdir = "/usr/local/var/log/radius"
<br> libdir = "/usr/local/lib"<br> radacctdir = "/usr/local/var/log/radius/radacct"<br> hostname_lookups = no<br> max_request_time = 30<br> cleanup_delay = 5<br> max_requests = 1024
<br> allow_core_dumps = no<br> log_stripped_names = no<br> log_file = "/usr/local/var/log/radius/radius.log"<br> log_auth = yes<br> log_auth_badpass = yes<br> log_auth_goodpass = yes
<br> pidfile = "/usr/local/var/run/radiusd/radiusd.pid"<br> user = "nobody"<br> group = "nogroup"<br> checkrad = "/usr/local/sbin/checkrad"<br> debug_level = 0
<br> proxy_requests = no<br> log {<br> syslog_facility = "daemon"<br> }<br> security {<br> max_attributes = 200<br> reject_delay = 1<br> status_server = yes<br> }<br>}<br> listen {
<br> type = "auth"<br> ipaddr = *<br> port = 1812<br> client <a href="http://127.0.0.1">127.0.0.1</a> {<br> secret = "test"<br> shortname = "localhost"<br> nastype = "other"
<br> }<br> client <a href="http://38.119.184.54">38.119.184.54</a> {<br> secret = "xxxx"<br> shortname = "openvpn"<br> nastype = "other"<br> }<br> client <a href="http://38.119.184.74">
38.119.184.74</a> {<br> secret = "xxx"<br> shortname = "totalcontrol"<br> nastype = "usrhiper"<br> }<br> client <a href="http://38.119.184.4">38.119.184.4</a> {<br> secret = "xxxx"
<br> shortname = "arc0"<br> nastype = "usrhiper"<br> }<br> client <a href="http://38.119.188.211">38.119.188.211</a> {<br> secret = "xxxx"<br> shortname = "<a href="http://igateway.hnet.net">
igateway.hnet.net</a>"<br> nastype = "cisco"<br> }<br> }<br> listen {<br> type = "acct"<br> ipaddr = *<br> port = 1813<br> }<br>radiusd: entering modules setup<br>radiusd: Library search path is /usr/local/lib
<br>modules: Not loading pre-proxy{} section<br>modules: Not loading post-proxy{} section<br>server {<br> modules {<br> Module: Checking authenticate {...} for more modules to load<br> Module: Linked to module rlm_pap<br>
Module: Instantiating pap<br> pap {<br> encryption_scheme = "auto"<br> auto_header = yes<br> }<br> Module: Linked to module rlm_chap<br> Module: Instantiating chap<br> Module: Checking authorize {...} for more modules to load
<br> Module: Linked to module rlm_preprocess<br> Module: Instantiating preprocess<br> preprocess {<br> huntgroups = "/usr/local/etc/raddb/huntgroups"<br> hints = "/usr/local/etc/raddb/hints"
<br> with_ascend_hack = no<br> ascend_channels_per_line = 23<br> with_ntdomain_hack = no<br> with_specialix_jetstream_hack = no<br> with_cisco_vsa_hack = no<br> with_alvarion_vsa_hack = no
<br> }<br> Module: Linked to module rlm_detail<br> Module: Instantiating auth_log<br> detail auth_log {<br> detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d"<br> header = "%t"
<br> detailperm = 384<br> dirperm = 493<br> locking = no<br> log_packet_header = no<br> }<br> Module: Linked to module rlm_files<br> Module: Instantiating files<br> files {<br> usersfile = "/usr/local/etc/raddb/users"
<br> compat = "no"<br> }<br> Module: Linked to module rlm_ldap<br> Module: Instantiating <a href="http://ldap01.alexssa.net">ldap01.alexssa.net</a><br> ldap <a href="http://ldap01.alexssa.net">ldap01.alexssa.net
</a> {<br> server = "<a href="http://ldap02.alexssa.net">ldap02.alexssa.net</a>"<br> port = 389<br> password = "xxxxxx"<br> identity = "cn=root,dc=alexssa,dc=net"<br>
net_timeout = 1<br> timeout = 5<br> timelimit = 3<br> tls_mode = no<br> start_tls = no<br> tls_require_cert = "allow"<br> basedn = "ou=users,ou=radius,dc=alexssa,dc=net"
<br> filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"<br> base_filter = "(objectclass=radiusprofile)"<br> password_attribute = "userPassword"<br> auto_header = yes
<br> access_attr_used_for_allow = yes<br> groupname_attribute = "radiusGroupName"<br> groupmembership_filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})(objectclass=radiusprofile)"
<br> groupmembership_attribute = "radiusGroupName"<br> dictionary_mapping = "/usr/local/etc/raddb/ldap.attrmap"<br> ldap_debug = 0<br> ldap_connections_number = 5<br> compare_check_items = no
<br> do_xlat = yes<br> set_auth_type = no<br> }<br>rlm_ldap: Registering ldap_groupcmp for Ldap-Group<br>rlm_ldap: Creating new attribute ldap01.alexssa.net-Ldap-Group<br>rlm_ldap: Registering ldap_groupcmp for
ldap01.alexssa.net-Ldap-Group<br>rlm_ldap: Registering ldap_xlat with xlat_name <a href="http://ldap01.alexssa.net">ldap01.alexssa.net</a><br>rlm_ldap: reading ldap<->radius mappings from file /usr/local/etc/raddb/ldap.attrmap
<br>rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$<br>rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$<br>rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type<br>rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use
<br>rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id<br>rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id<br>rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password<br>rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password
<br>rlm_ldap: LDAP sambaLmPassword mapped to RADIUS LM-Password<br>rlm_ldap: LDAP sambaNtPassword mapped to RADIUS NT-Password<br>rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT<br>rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration
<br>rlm_ldap: LDAP radiusNASIpAddress mapped to RADIUS NAS-IP-Address<br>rlm_ldap: LDAP radiusIPPool mapped to RADIUS Pool-Name<br>rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type<br>rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol
<br>rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS Framed-IP-Address<br>rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS Framed-IP-Netmask<br>rlm_ldap: LDAP radiusFramedRoute mapped to RADIUS Framed-Route<br>rlm_ldap: LDAP radiusFramedRouting mapped to RADIUS Framed-Routing
<br>rlm_ldap: LDAP radiusFilterId mapped to RADIUS Filter-Id<br>rlm_ldap: LDAP radiusFramedMTU mapped to RADIUS Framed-MTU<br>rlm_ldap: LDAP radiusFramedCompression mapped to RADIUS Framed-Compression<br>rlm_ldap: LDAP radiusLoginIPHost mapped to RADIUS Login-IP-Host
<br>rlm_ldap: LDAP radiusLoginService mapped to RADIUS Login-Service<br>rlm_ldap: LDAP radiusLoginTCPPort mapped to RADIUS Login-TCP-Port<br>rlm_ldap: LDAP radiusCallbackNumber mapped to RADIUS Callback-Number<br>rlm_ldap: LDAP radiusCallbackId mapped to RADIUS Callback-Id
<br>rlm_ldap: LDAP radiusFramedIPXNetwork mapped to RADIUS Framed-IPX-Network<br>rlm_ldap: LDAP radiusClass mapped to RADIUS Class<br>rlm_ldap: LDAP radiusSessionTimeout mapped to RADIUS Session-Timeout<br>rlm_ldap: LDAP radiusIdleTimeout mapped to RADIUS Idle-Timeout
<br>rlm_ldap: LDAP radiusTerminationAction mapped to RADIUS Termination-Action<br>rlm_ldap: LDAP radiusLoginLATService mapped to RADIUS Login-LAT-Service<br>rlm_ldap: LDAP radiusLoginLATNode mapped to RADIUS Login-LAT-Node
<br>rlm_ldap: LDAP radiusLoginLATGroup mapped to RADIUS Login-LAT-Group<br>rlm_ldap: LDAP radiusFramedAppleTalkLink mapped to RADIUS Framed-AppleTalk-Link<br>rlm_ldap: LDAP radiusFramedAppleTalkNetwork mapped to RADIUS Framed-AppleTalk-Network
<br>rlm_ldap: LDAP radiusFramedAppleTalkZone mapped to RADIUS Framed-AppleTalk-Zone<br>rlm_ldap: LDAP radiusPortLimit mapped to RADIUS Port-Limit<br>rlm_ldap: LDAP radiusLoginLATPort mapped to RADIUS Login-LAT-Port<br>rlm_ldap: LDAP radiusReplyMessage mapped to RADIUS Reply-Message
<br>conns: 0x801188f0<br> Module: Instantiating <a href="http://ldap02.alexssa.net">ldap02.alexssa.net</a><br> ldap <a href="http://ldap02.alexssa.net">ldap02.alexssa.net</a> {<br> server = "<a href="http://ldap02.alexssa.net">
ldap02.alexssa.net</a>"<br> port = 389<br> password = "xxxxx"<br> identity = "cn=root,dc=alexssa,dc=net"<br> net_timeout = 1<br> timeout = 5<br> timelimit = 3
<br> tls_mode = no<br> start_tls = no<br> tls_require_cert = "allow"<br> basedn = "ou=users,ou=radius,dc=alexssa,dc=net"<br> filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
<br> base_filter = "(objectclass=radiusprofile)"<br> password_attribute = "userPassword"<br> auto_header = yes<br> access_attr_used_for_allow = yes<br> groupname_attribute = "radiusGroupName"
<br> groupmembership_filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})(objectclass=radiusprofile)"<br> groupmembership_attribute = "radiusGroupName"<br> dictionary_mapping = "/usr/local/etc/raddb/ldap.attrmap"
<br> ldap_debug = 0<br> ldap_connections_number = 5<br> compare_check_items = no<br> do_xlat = yes<br> set_auth_type = no<br> }<br>rlm_ldap: Registering ldap_groupcmp for Ldap-Group<br>
rlm_ldap: Creating new attribute ldap02.alexssa.net-Ldap-Group<br>rlm_ldap: Registering ldap_groupcmp for ldap02.alexssa.net-Ldap-Group<br>rlm_ldap: Registering ldap_xlat with xlat_name <a href="http://ldap02.alexssa.net">
ldap02.alexssa.net</a><br>rlm_ldap: reading ldap<->radius mappings from file /usr/local/etc/raddb/ldap.attrmap<br>rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$<br>rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$
<br>rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type<br>rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use<br>rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id<br>rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id
<br>rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password<br>rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password<br>rlm_ldap: LDAP sambaLmPassword mapped to RADIUS LM-Password<br>rlm_ldap: LDAP sambaNtPassword mapped to RADIUS NT-Password
<br>rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT<br>rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration<br>rlm_ldap: LDAP radiusNASIpAddress mapped to RADIUS NAS-IP-Address<br>rlm_ldap: LDAP radiusIPPool mapped to RADIUS Pool-Name
<br>rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type<br>rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol<br>rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS Framed-IP-Address<br>rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS Framed-IP-Netmask
<br>rlm_ldap: LDAP radiusFramedRoute mapped to RADIUS Framed-Route<br>rlm_ldap: LDAP radiusFramedRouting mapped to RADIUS Framed-Routing<br>rlm_ldap: LDAP radiusFilterId mapped to RADIUS Filter-Id<br>rlm_ldap: LDAP radiusFramedMTU mapped to RADIUS Framed-MTU
<br>rlm_ldap: LDAP radiusFramedCompression mapped to RADIUS Framed-Compression<br>rlm_ldap: LDAP radiusLoginIPHost mapped to RADIUS Login-IP-Host<br>rlm_ldap: LDAP radiusLoginService mapped to RADIUS Login-Service<br>rlm_ldap: LDAP radiusLoginTCPPort mapped to RADIUS Login-TCP-Port
<br>rlm_ldap: LDAP radiusCallbackNumber mapped to RADIUS Callback-Number<br>rlm_ldap: LDAP radiusCallbackId mapped to RADIUS Callback-Id<br>rlm_ldap: LDAP radiusFramedIPXNetwork mapped to RADIUS Framed-IPX-Network<br>rlm_ldap: LDAP radiusClass mapped to RADIUS Class
<br>rlm_ldap: LDAP radiusSessionTimeout mapped to RADIUS Session-Timeout<br>rlm_ldap: LDAP radiusIdleTimeout mapped to RADIUS Idle-Timeout<br>rlm_ldap: LDAP radiusTerminationAction mapped to RADIUS Termination-Action<br>rlm_ldap: LDAP radiusLoginLATService mapped to RADIUS Login-LAT-Service
<br>rlm_ldap: LDAP radiusLoginLATNode mapped to RADIUS Login-LAT-Node<br>rlm_ldap: LDAP radiusLoginLATGroup mapped to RADIUS Login-LAT-Group<br>rlm_ldap: LDAP radiusFramedAppleTalkLink mapped to RADIUS Framed-AppleTalk-Link
<br>rlm_ldap: LDAP radiusFramedAppleTalkNetwork mapped to RADIUS Framed-AppleTalk-Network<br>rlm_ldap: LDAP radiusFramedAppleTalkZone mapped to RADIUS Framed-AppleTalk-Zone<br>rlm_ldap: LDAP radiusPortLimit mapped to RADIUS Port-Limit
<br>rlm_ldap: LDAP radiusLoginLATPort mapped to RADIUS Login-LAT-Port<br>rlm_ldap: LDAP radiusReplyMessage mapped to RADIUS Reply-Message<br>conns: 0x80119c98<br> Module: Linked to module rlm_counter<br> Module: Instantiating daily
<br> counter daily {<br> filename = "/usr/local/etc/raddb/db.daily"<br> key = "User-Name"<br> reset = "daily"<br> count-attribute = "Acct-Session-Time"<br>
counter-name = "Daily-Session-Time"<br> check-name = "Max-Daily-Session"<br> reply-name = "Session-Timeout"<br> allowed-servicetype = "Framed-User"<br> cache-size = 5000
<br> }<br>rlm_counter: Counter attribute Daily-Session-Time is number 11275<br>rlm_counter: Current Time: 1186499334 [2007-08-07 10:08:54], Next reset 1186549200 [2007-08-08 00:00:00]<br> Module: Checking preacct {...} for more modules to load
<br> Module: Linked to module rlm_acct_unique<br> Module: Instantiating acct_unique<br> acct_unique {<br> key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"<br> }<br> Module: Checking accounting {...} for more modules to load
<br> Module: Instantiating acctdetail<br> detail acctdetail {<br> detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"<br> header = "%t"<br> detailperm = 384
<br> dirperm = 493<br> locking = no<br> log_packet_header = no<br> }<br> Module: Linked to module rlm_radutmp<br> Module: Instantiating radutmp<br> radutmp {<br> filename = "/usr/local/var/log/radius/radutmp"
<br> username = "%{User-Name}"<br> case_sensitive = yes<br> check_with_nas = yes<br> perm = 384<br> callerid = yes<br> }<br> Module: Linked to module rlm_ippool<br> Module: Instantiating dialup
<br> ippool dialup {<br> session-db = "/usr/local/etc/raddb/dialup.ippool"<br> ip-index = "/usr/local/etc/raddb/dialup.ipindex"<br> key = "%{NAS-IP-Address} %{NAS-Port}"
<br> range-start = <a href="http://38.119.191.1">38.119.191.1</a> IP address [<a href="http://38.119.191.1">38.119.191.1</a>]<br> range-stop = <a href="http://38.119.191.254">38.119.191.254</a> IP address [<a href="http://38.119.191.254">
38.119.191.254</a>]<br> netmask = <a href="http://255.255.255.255">255.255.255.255</a> IP address [<a href="http://255.255.255.255">255.255.255.255</a>]<br> cache-size = 253<br> override = no<br> maximum-timeout = 0
<br> }<br> Module: Linked to module rlm_attr_filter<br> Module: Instantiating attr_filter.accounting_response<br> attr_filter attr_filter.accounting_response {<br> attrsfile = "/usr/local/etc/raddb/attrs.accounting_response"
<br> key = "%{User-Name}"<br> }<br> Module: Checking session {...} for more modules to load<br> Module: Checking post-auth {...} for more modules to load<br> Module: Instantiating attr_filter.access_reject
<br> attr_filter attr_filter.access_reject {<br> attrsfile = "/usr/local/etc/raddb/attrs.access_reject"<br> key = "%{User-Name}"<br> }<br> }<br>}<br>Initializing the thread pool...<br>Listening on authentication address * port 1812
<br>Listening on accounting address * port 1813<br>Ready to process requests.<br>Nothing to do. Sleeping until we see a request.<br>rad_recv: Access-Request packet from host <a href="http://127.0.0.1">127.0.0.1</a> port 1027, id=101, length=83
<br> User-Name = "<a href="mailto:atvcrew@alexssa.net">atvcrew@alexssa.net</a>"<br> User-Password = "polaris"<br> Service-Type = Framed-User<br> NAS-Port = 2067<br> NAS-IP-Address =
<a href="http://127.0.0.1">127.0.0.1</a><br> NAS-Port-Type = Async<br>+- entering group authorize<br>++[preprocess] returns ok<br> expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20070807
<br>rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20070807<br> expand: %t -> Tue Aug 7 10:10:30 2007<br>
++[auth_log] returns ok<br>++[chap] returns noop<br>rlm_ldap: Entering ldap_groupcmp()<br> expand: ou=users,ou=radius,dc=alexssa,dc=net -> ou=users,ou=radius,dc=alexssa,dc=net<br> expand: %{Stripped-User-Name} ->
<br> expand: %{User-Name} -> <a href="mailto:atvcrew@alexssa.net">atvcrew@alexssa.net</a><br> expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=<a href="mailto:atvcrew@alexssa.net">atvcrew@alexssa.net
</a>)<br>rlm_ldap: ldap_get_conn: Checking Id: 0<br>rlm_ldap: ldap_get_conn: Got Id: 0<br>rlm_ldap: attempting LDAP reconnection<br>rlm_ldap: (re)connect to <a href="http://ldap02.alexssa.net:389">ldap02.alexssa.net:389</a>
, authentication 0<br>rlm_ldap: bind as cn=root,dc=alexssa,dc=net/62b879A to <a href="http://ldap02.alexssa.net:389">ldap02.alexssa.net:389</a><br>rlm_ldap: waiting for bind result ...<br>rlm_ldap: Bind was successful<br>
rlm_ldap: performing search in ou=users,ou=radius,dc=alexssa,dc=net, with filter (uid=<a href="mailto:atvcrew@alexssa.net">atvcrew@alexssa.net</a>)<br>rlm_ldap: object not found or got ambiguous search result<br>rlm_ldap::ldap_groupcmp: search failed
<br>rlm_ldap: ldap_release_conn: Release Id: 0<br>rlm_ldap: Entering ldap_groupcmp()<br> expand: ou=users,ou=radius,dc=alexssa,dc=net -> ou=users,ou=radius,dc=alexssa,dc=net<br> expand: %{Stripped-User-Name} ->
<br> expand: %{User-Name} -> <a href="mailto:atvcrew@alexssa.net">atvcrew@alexssa.net</a><br> expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=<a href="mailto:atvcrew@alexssa.net">atvcrew@alexssa.net
</a>)<br>rlm_ldap: ldap_get_conn: Checking Id: 0<br>rlm_ldap: ldap_get_conn: Got Id: 0<br>rlm_ldap: performing search in ou=users,ou=radius,dc=alexssa,dc=net, with filter (uid=<a href="mailto:atvcrew@alexssa.net">atvcrew@alexssa.net
</a>)<br>rlm_ldap: object not found or got ambiguous search result<br>rlm_ldap::ldap_groupcmp: search failed<br>rlm_ldap: ldap_release_conn: Release Id: 0<br> users: Matched entry DEFAULT at line 16<br>++[files] returns ok
<br>++- entering redundant-load-balance group<br>rlm_ldap: - authorize<br>rlm_ldap: performing user authorization for <a href="mailto:atvcrew@alexssa.net">atvcrew@alexssa.net</a><br> expand: %{Stripped-User-Name} ->
<br> expand: %{User-Name} -> <a href="mailto:atvcrew@alexssa.net">atvcrew@alexssa.net</a><br> expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=<a href="mailto:atvcrew@alexssa.net">atvcrew@alexssa.net
</a>)<br> expand: ou=users,ou=radius,dc=alexssa,dc=net -> ou=users,ou=radius,dc=alexssa,dc=net<br>rlm_ldap: ldap_get_conn: Checking Id: 0<br>rlm_ldap: ldap_get_conn: Got Id: 0<br>rlm_ldap: performing search in ou=users,ou=radius,dc=alexssa,dc=net, with filter (uid=
<a href="mailto:atvcrew@alexssa.net">atvcrew@alexssa.net</a>)<br>rlm_ldap: object not found or got ambiguous search result<br>rlm_ldap: search failed<br>rlm_ldap: ldap_release_conn: Release Id: 0<br>+++[<a href="http://ldap02.alexssa.net">
ldap02.alexssa.net</a>] returns notfound<br>++- redundant-load-balance group returns notfound<br>rlm_counter: Entering module authorize code<br>rlm_counter: Could not find Check item value pair<br>++[daily] returns noop<br>
rlm_pap: Found existing Auth-Type, not changing it.<br>++[pap] returns noop<br> rad_check_password: Found Auth-Type Reject<br> rad_check_password: Auth-Type = Reject, rejecting user<br>auth: Failed to validate the user.
<br>Login incorrect (rlm_ldap: User not found): [<a href="http://atvcrew@alexssa.net/polaris">atvcrew@alexssa.net/polaris</a>] (from client localhost port 2067)<br> Found Post-Auth-Type Reject<br>+- entering group REJECT
<br> expand: %{User-Name} -> <a href="mailto:atvcrew@alexssa.net">atvcrew@alexssa.net</a><br> attr_filter: Matched entry DEFAULT at line 11<br>++[attr_filter.access_reject] returns updated<br>Delaying reject of request 0 for 1 seconds
<br>Going to the next request<br>Sending delayed reject for request 0<br>Sending Access-Reject of id 101 to <a href="http://127.0.0.1">127.0.0.1</a> port 1027<br> Reply-Message = "Please call the helpdesk."
<br>Waking up in 4 seconds...<br>Cleaning up request 0 ID 101 with timestamp +95<br>Nothing to do. Sleeping until we see a request.<br><br>-- <br>Nicholas Hall<br><a href="mailto:ngharo@gmail.com">ngharo@gmail.com</a><br>
262.208.6271