In auth request packet, Stripped-User-Name attribute value wrongly rewritten by radius server
Hi, I'm currently using free radius server versioned 2.1.12 [freeradius-server-2.1.12]. I'm having a setup where clients get authenticated by Windows AD 2003 server. It uses stripped-user-name attribute. I'm having free radius 2.1.12 as the radius server. The username are provided as DomainName\Username. Various combination of Domain name and user name worked but when ever the username starts with "t" or "n" the authentication failed. Network capture showed that the backslash delimiter between domain and username combined with specific letters are translated to special characters. \n = new line \r = return \t = tab Eg: During authentication, the usernames goes as "DOMAIN\timcopy. We are supposed to strip the domain name along with the "\" and populate the sAMAccount name with the username timcopy. But the username gets converted as "DOMAIN imcopy" which is then used as the sAMAccount name. I was getting the authentication problem when I used "timcopy" as the username and success when I used "kiran" as the username. On further looking into code could make out , On receiving the request packet at radius server side, rlm is adding the the new attribute stripped-user-name [attr number 1043] and updating the value as "DOMAIN imcopy" Here \timcopy got converted as "<tab space>imcopy" Please let me know the solution for this problem. Thanks, Adarsha
participants (1)
-
Adarsha S