Realm extraction
Dmitry Alekhin
dalekhin at yandex.ru
Thu Sep 22 22:37:56 CEST 2005
Thanks for help :)
But it does not work :(
Here is my radiusd.conf
---
ldap {
server = "localhost"
identity = "uid=Admin,ou=Staff,dc=example,dc=com"
password = secret
basedn = "ou=People,dc=example,dc=com"
filter =
"(uid=%{Stripped-User-Name:-%{User-Name}},ou=%{Realm})"
.... Realm section is still untouched
#
# Using this entry, IPASS users have their realm set to "IPASS".
realm IPASS {
format = prefix
delimiter = "/"
ignore_default = no
ignore_null = no
}
#
realm suffix {
format = suffix
delimiter = "@"
ignore_default = no
ignore_null = no
}
# 'username%realm'
#
realm realmpercent {
format = suffix
delimiter = "%"
ignore_default = no
ignore_null = no
}
#
# 'domain\user'
#
realm ntdomain {
format = prefix
delimiter = "\\"
ignore_default = no
ignore_null = no
}
------------
Below is debug:
modcall: entering group authorize for request 0
rlm_realm: Looking up realm "example.com" for User-Name = "example.com"
rlm_realm: No such realm "example.com"
modcall[authorize]: module "suffix" returns noop for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "attr_filter" returns noop for request 0
rlm_realm: Looking up realm "example.com" for User-Name =
dmitry at example.com
rlm_realm: No such realm "example.com"
modcall[authorize]: module "suffix" returns noop for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
modcall[authorize]: module "files" returns notfound for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for dmitry at example.com
radius_xlat: '(uid=dmitry at example.com,ou=)'
radius_xlat: 'ou=People,dc=example,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to localhost:389, authentication 0
rlm_ldap: bind as uid=Admin,ou=Staff,dc=example,dc=com/secret to
localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in ou=People,dc=example,dc=com, with filter
(uid=dmitry at example.com,ou=)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns notfound for request 0
...
As you can see ou is empty.
----- Original Message -----
From: "Alan DeKok" <aland at ox.org>
To: <dalekhin at yandex.ru>; "FreeRadius users mailing list"
<freeradius-users at lists.freeradius.org>
Sent: Thursday, September 22, 2005 9:34 PM
Subject: Re: Realm extraction
> "Dmitry Alekhin" <dalekhin at yandex.ru> wrote:
> > I am new in free radius , so I have one question: How can I exctract
Realm attribute in
> > radiusd.conf name?
>
> Use the "Realm" attribute. The debug log will show you that the
> "realm" module is adding this attribute.
>
> Alan DeKok.
>
More information about the Freeradius-Users
mailing list