AW: Since 2 Month noone any idea how to do this ? Stripping Username Question *important*

Krämer Armin Kraemer.Armin at web.de
Sat Jul 22 11:19:55 CEST 2006 

Thanks, i tried out this now and got the following warning:


rlm_ldap: performing user authorization for host/notebook-armin
Sat Jul 22 12:25:24 2006 : Debug: WARNING: Attempt to use unknown xlat
function, or non-existent attribute in string %{mschap:User-Name}
Sat Jul 22 12:25:24 2006 : Debug: radius_xlat:
'(&(uid=)(objectclass=radiusprofile))'
Sat Jul 22 12:25:24 2006 : Debug: radius_xlat:
'ou=users,ou=radius,dc=ak-server,dc=de'


And the search finishes with "NOT FOUND" 


rlm_ldap: waiting for bind result ...
Sat Jul 22 12:25:24 2006 : Debug: rlm_ldap: Bind was successful
Sat Jul 22 12:25:24 2006 : Debug: rlm_ldap: performing search in
ou=users,ou=radius,dc=ak-server,dc=de, with filter
(&(uid=)(objectclass=radiusprofile))
Sat Jul 22 12:25:24 2006 : Debug: rlm_ldap: object not found or got
ambiguous search result
Sat Jul 22 12:25:24 2006 : Debug: rlm_ldap: search failed


Any idea fort this? Looks like the searchString is complete emty now??

I made an LDAP Entry which looks like " uid=host/notebook-armin$ "

Thanks for answering!

Greetings

Armin





-----Ursprüngliche Nachricht-----
Von: freeradius-users-bounces+kraemer.armin=web.de at lists.freeradius.org
[mailto:freeradius-users-bounces+kraemer.armin=web.de at lists.freeradius.org]
Im Auftrag von James J J Hooper
Gesendet: Samstag, 22. Juli 2006 10:31
An: FreeRadius users mailing list
Betreff: Re: Since 2 Month noone any idea how to do this ? Stripping
Username Question *important*



--On Saturday, 22 July 2006 09:23 +0200 Krämer Armin <Kraemer.Armin at web.de> 
wrote:

>
> Hi,
>
> im working with machine authentication and EAP-TLS Zertifikates.
>
> When a machine authenticates  I get the name of the mchine like
> "host/250-IT"  and the search String on LDAP is like "host/250-IT".
>
> I nee the searchString at LDAP like 250-IT$. How can I strip away that
> host/ and add $ for the search at the LDAP Directory?
>

In your LDAP section of radiusd.conf, replace this:
%{Stripped-User-Name:-%{User-Name}}
with this:
%{Stripped-User-Name:-%{mschap:User-Name}}

Regards,
   James

--
James J J Hooper,
Information Services
University of Bristol
--

- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list