On Mon, Oct 22, 2012 at 11:13 PM, <xylakant@vorsicht-bissig.de> wrote:
Hi Guys,
thank you for your answers. I killed the attribute user-name on my global radius server in post-proxy and post-auth sections by unlang.
Now I have got the full username on my server, because it is not overwritten by other radius communicatons.
The realm is not in the radacct table of server A. But I kow the reason, because FR doesn't know this realms. But thats ok.
Good to know.
What I don't understand is how come the reply that FR sends STILL contains User-Name. Reading raddb/attrs and raddb/modules/attr_filter, it looks like FR should never allow User-Name on Access-Accept. Did you REMOVE attr_filter.post-proxy from raddb/sites-available/default or whatever virtual server you're using?
Sry, I don't understand the problem. I see more attributes than just user-name. All filters are disabled by default. A filter is only for rejecting requests, which are not matching. Right?
No. And that, is the root of your problem: blindly changing config files without knowing what it's for. Had you left it the way it was in the first place, you wouldn't have had this problem. -- Fajar