This seems to work, as far as regex being valid format: /^.MD4.(.*)$/ but my whole config is not quite right yet... (8) ldap : control:Password-With-Header += ''{MD4}6DDDAF<...>'' rlm_ldap (ldap): Released connection (4) (8) [ldap] = ok (8) if (&control:Password-With-Header =~ /^.MD4.(.*)$/) (8) if (&control:Password-With-Header =~ /^.MD4.(.*)$/) -> TRUE (8) if (&control:Password-With-Header =~ /^.MD4.(.*)$/) { (8) update control { (8) EXPAND {nt}%{1} (8) --> {nt}6DDDAF<...> (8) Password-With-Header := '"{nt}6DDDAFA0E<...>"' (8) } # update control = noop (8) } # if (&control:Password-With-Header =~ /^.MD4.(.*)$/) = noop (8) if ((ok || updated) && User-Password) (8) if ((ok || updated) && User-Password) -> FALSE (8) [expiration] = noop (8) [logintime] = noop (8) WARNING: pap : Auth-Type already set. Not setting to PAP (8) [pap] = noop (8) } # authorize = updated (8) Found Auth-Type = EAP What do I need to change this to: ldap if (&control:Password-With-Header =~ /^.MD4.(.*)$/) { update control { Password-With-Header := "{nt}%{1}" } } if ((ok || updated) && User-Password) { update { control:Auth-Type := ldap } } On Tue, Mar 10, 2015 at 10:43 AM, Mohamed Lrhazi < Mohamed.Lrhazi@georgetown.edu> wrote:
sorry... keyboard error :)
So, the regex does not seem to compile:
/etc/freeradius/sites-enabled/inner-tunnel[143]: Invalid regular expression ^{md4}(.*)$: Invalid preceding regular expression
I tried this too, with same result: /^\{md4\}(.*)$/
On Tue, Mar 10, 2015 at 10:41 AM, Mohamed Lrhazi < Mohamed.Lrhazi@georgetown.edu> wrote:
On Tue, Mar 10, 2015 at 10:26 AM, Arran Cudbard-Bell < a.cudbardb@freeradius.org> wrote:
ldap # gets Password-With-Header if (&control:Password-With-Header =~ /^{md4}(.*)$/) { update control { Password-With-Header := "{nt}%{1}" } }
That gave me this error: