FW: How to get Hint to match in users file

Matt Cobb mattc at lockdownnetworks.com
Wed Jun 15 00:42:28 CEST 2005 


-----Original Message-----
From: Matt Cobb 
Sent: Tuesday, June 14, 2005 2:07 PM
To: 'freeradius-users-request at lists.freeradius.org'
Subject: How to get Hint to match in users file 

What syntax do you use to get Hint to match in the users file?
In Hint I have:

DEFAULT	Prefix == "LOCKDOWN\\", Strip-User-Name = Yes
	Hint = "LDAP1"

DEFAULT Prefix == "testlab\\", Strip-User-Name = Yes
	Hint = "LDAP2"

And in the users file:

DEFAULT Hint == "LDAP1", Auth-Type := LDAP1, Autz-Type := LDAP1

DEFAULT Hint == "LDAP2", Auth-Type := LDAP2, Autz-Type := LDAP2

The user name gets stripped before going into the users section, but no
Auth-Type is set.

>From freeradius 1.0.2...

   rad_recv: Access-Request packet from host 127.0.0.1:1026, id=16,
length=105
        User-Name = "testlab\\tester"
        User-Password = "xyz"
        Service-Type = Authenticate-Only
        NAS-Identifier = "localhost.localdomain"
        NAS-IP-Address = 127.0.0.1
        Calling-Station-Id = "192.168.10.100"
  Processing the authorize section of radiusd.conf
  modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "tester", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 0
  modcall[authorize]: module "files" returns notfound for request 0
modcall: group authorize returns ok for request 0
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 16 to 127.0.0.1:1026
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 16 with timestamp 42af5799
Nothing to do.  Sleeping until we see a request.

More information about the Freeradius-Users mailing list