rlm_eap: identity does not match User-Name, setting from EAP identity

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Fri Mar 17 18:43:29 CET 2006


Hi,

> When a user connectes, they are presented with a login
> box (username, password and domain name) if they put a
> domain name in the domain field, radius can't
> authenticate them and gives that error message. when
> the domain field is left empty, it works fine.
> 
> I read some posting that talked about how you have to
> turn off ntdomain_hack off and I tried that, it didn't
> gave me that error but then the ntlm_auth failed
> saying 'NO SUCH USER' so my guess is that the
> user-name has to be exactly same as what gets sent
> into EAP message.
> 
> has anyone else ran into this? any ideas on how to fix
> it?

check the debug to see what comes through and how you are using it. 
it may be because you are using the ntlm_auth as it is configured
by default. there are various stages in which the domain can be acted 
upon and stripped off (thinking proxy.conf here too)

alan



More information about the Freeradius-Users mailing list