rewriting usernames

Christopher Carver ccarver at pennswoods.net
Sat Nov 18 03:06:17 CET 2006 

Quoting Christopher Carver <ccarver at pennswoods.net>:

> Quoting Michael Mitchell <mitchell.michael at bigpond.com>:
>
> > Hi Chris,
> >
> > Christopher Carver wrote:
> > >
> > > Thanks for the reply, Kevin.  You got me on the right track, but I still
> > don't
> > > quite have it right.  It seems as though the users file can only
> manipulate
> >
> > Kevin's solution uses the "hints" file, not the "users" file. You'll need
> to
> > enable the preprocess module in the authorize section of radiusd.conf if it
> > isn't already.
> >
> > cheers,
> > Mike
> >
>
> Thanks for the help Mike and Kevin.  Well, I've made the change in the hints
> file.  The proprocesses module is matching on the correct line of the hints
> file, but the change to the User-Name isn't actually taking place.  It
> continues on to other modules with the same value.  From hints (line 1, where
> preprocesses is matching):
>
> DEFAULT
>         User-Name := "%{User-Name}@some-isp.com"
>
> I excluded the check for Called-Station-Id for now to keep things simple.  I
> use
> radclient to send an access accept packet where the username is "carver"
> along
> with the correct password.  Thats the test user account name.  Here is the
> radiusd -X output:
>
> rad_recv: Access-Request packet from host 127.0.0.1:32858, id=14, length=46
>         User-Name = "carver"
>         User-Password = "carver"
> rad_lowerpair:  User-Name now 'carver'
> rad_rmspace_pair:  User-Name now 'carver'
> modcall: entering group authorize for request 0
>   hints: Matched DEFAULT at 1
>   modcall[authorize]: module "preprocess" returns ok for request 0
>     users: Matched DEFAULT at 10
>   modcall[authorize]: module "files" returns ok for request 0
> radius_xlat:  'carver'
> rlm_sql (sql): sql_set_user escaped user --> 'carver'
> radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
> Username = 'carver' ORDER BY id'
> rlm_sql (sql): Reserving sql socket id: 5
> radius_xlat:  'SELECT
>
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
>  FROM radgroupcheck,usergroup WHERE usergroup.Username = 'carver' AND
> usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
> radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE
> Username = 'carver' ORDER BY id'
> radius_xlat:  'SELECT
>
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
>  FROM radgroupreply,usergroup WHERE usergroup.Username = 'carver' AND
> usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.prio'
> rlm_sql (sql): Released sql socket id: 5
>   modcall[authorize]: module "sql" returns ok for request 0
> modcall: group authorize returns ok for request 0
> auth: type Crypt
> Login OK: [carver] (from client localhost port 0)
>
> In theory it should be processing it after hints as carver at some-isp.com.  But
> its still using the original username as if the change in hints had never
> ocurred.  Any ideas?
>
> Thanks for the help so far.  I really appreciate it.
>
> Chris Carver
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>

No one has any idea about this?

More information about the Freeradius-Users mailing list