Alan DeKok <aland@deployingradius.com> wrote:
why? if not, then what is the way to achieve the desired? to store login/password as FR normalized MAC address and eap_md5 understand that (while User-Name differs)?
In general, mangling the User-Name is a bad idea. It means that the authentication and accounting may have different views of what the user name is. It means that EAP may not work correctly. It means that proxying may break.
You're better off using a temporary attribute for the "mangled" user name, and leaving User-Name alone. But in the end it's your system...
ok, I understood the idea and I'm confused even more ... please advise, what is the possible way to achieve what I described? to leave User-Name intact and to manage all possibilities in UI to DB (to manage new user creation or existent ones modification) with account of the hardware User-Name-representation-types? or it is possible with some eap_md5 configuration indeed? -- Zeus V. Panchenko jid:zeus@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET)