<u><b>in the /etc/raddb/modules/realm file,<br></b></u><br>realm ntdomain {<br> format = prefix<br> delimiter = "\\"<br>}<br><br><u><b>In the proxy.conf<br></b></u>realm H1 {<br> type = radius <br>
nostrip <br>
authhost = <a href="http://1.2.3.4:1812/" target="_blank">1.2.3.4:1812</a><br> accthost = <a href="http://1.2.3.4:1813/" target="_blank">1.2.3.4:1813</a><br>
secret = secret1<br> retry_delay = 3<br> retry_count = 1<br>}<br><br><br>There are no # infront, thus already uncomment. Can you advise if anything new thing need to do at the proxy.conf<br>
<br><br><div class="gmail_quote">On Wed, Dec 16, 2009 at 8:42 AM, <span dir="ltr"><<a href="mailto:tnt@kalik.net">tnt@kalik.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
It does, but ntdomain is not enabled by default. You need to uncomment<br>
that entry in authorize.<br>
<br>
Ivan Kalik<br>
<div><div></div><div class="h5"><br>
> in the /etc/raddb/modules/realm, the windows domain prefix \\ does not<br>
> seem<br>
> to work. It still get proxy to the NULL realm. But if i use user!@H1 it is<br>
> proxy correctly to H1 realm and not NULL realm. Can advise anything i<br>
> missed<br>
> out in the proxy.conf or radiusd.conf?<br>
><br>
> *in the radius -X debug, H1\user1 does not get to proxy to H1 realm*<br>
> User-Name = "H1\\user1"<br>
> User-Password = "password"<br>
> +- entering group authorize {...}<br>
> ++[preprocess] returns ok<br>
> ++[chap] returns noop<br>
> ++[mschap] returns noop<br>
> [suffix] No '@' in User-Name = "H1\user1", looking up realm NULL<br>
> [suffix] Found realm "NULL"<br>
> [suffix] Adding Stripped-User-Name = "H1\user1"<br>
> [suffix] Adding Realm = "NULL"<br>
> [suffix] Proxying request from user H1\user1 to realm NULL<br>
> [suffix] Preparing to proxy authentication request to realm "NULL"<br>
><br>
><br>
> *In the proxy.conf<br>
> *<br>
> realm H1 {<br>
> type = radius<br>
> nostrip<br>
> authhost = <a href="http://1.2.3.4:1812" target="_blank">1.2.3.4:1812</a><br>
> accthost = <a href="http://1.2.3.4:1813" target="_blank">1.2.3.4:1813</a><br>
> secret = secret1<br>
> retry_delay = 3<br>
> retry_count = 1<br>
> }<br>
><br>
><br>
> *user1@H1 get proxy correct to H1 realm. *<br>
> User-Name = "user1@H1"<br>
> User-Password = "password"<br>
> +- entering group authorize {...}<br>
> ++[preprocess] returns ok<br>
> ++[chap] returns noop<br>
> ++[mschap] returns noop<br>
> [suffix] Looking up realm "H1" for User-Name = "user1@H1"<br>
> [suffix] Found realm "H1"<br>
> [suffix] Adding Realm = "H1"<br>
> [suffix] Proxying request from user wlanH1 to realm H1<br>
> [suffix] Preparing to proxy authentication request to realm "H1"<br>
><br>
><br>
><br>
> On Wed, Dec 16, 2009 at 7:06 AM, green green <<a href="mailto:gggreen4@gmail.com">gggreen4@gmail.com</a>> wrote:<br>
><br>
>> can advise how to rewrite the username in domain\user to user@domain so<br>
>> that the realm can be done to proxy the radius request to the upstream<br>
>> radius server.<br>
>><br>
>> or no rewrite of username is need. can the freeradius proxy based on<br>
>> domain\user which domain\ can be use as realm to radius proxy to<br>
>> upstream<br>
>> radius server.<br>
>><br>
>> please advise and thanks.<br>
>><br>
</div></div><div><div></div><div class="h5">> -<br>
> List info/subscribe/unsubscribe? See<br>
> <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
<br>
<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</div></div></blockquote></div><br>