removing domain data from user name
fvt3
fvt3 at yahoo.com
Thu Jul 13 14:42:43 CEST 2006
I was able to strip the domain portion of it by having
radius execute an external script. Here is what I
have in radius to execute the external script..
ldap ldap_ldap1 {
server = ""
identity = ""
password = ""
#basedn = ""
basedn = ""
# filter =
"(SamAccountName=%{Stripped-User-Name:-%{User-Name}})"
filter =
"(SamAccountName=%{exec:/usr/local/freeradius/etc/raddb
/nodomain.pl %u})"
I wrote a perl script to strip that off, using a shell
script it always add a return character which adds a
space after the uid.
--- Yedidia Klein <yedidia at jct.ac.il> wrote:
> Hello list,
>
>
> I'm using freeradius server as a radius server that
> forward the auth to
> an LDAP server,
>
> on a RH enterprise system
> (freeradius-1.0.1-1.1.RHEL3)
>
> I want one of my service providers to authenticate
> against this radius,
>
> After enabling some debug option I found that it
> sends me the users in
> the form of user at domain.tld, that (of course) my
> ldap don't know and
> refuse to auth.
>
> Is there a way on freeradius to pass to the ldap
> server only the left
> site of the @ sign ?
>
>
> I tried to use "with_ntdomain_hack = yes" in my ldap
> section on
> radiusd.conf w/o success.
>
>
> thanks,
>
>
> --Yedidia
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the Freeradius-Users
mailing list