rewriting usernames
Christopher Carver
ccarver at pennswoods.net
Sat Nov 18 03:06:17 CET 2006
Quoting Christopher Carver <ccarver at pennswoods.net>:
> Quoting Michael Mitchell <mitchell.michael at bigpond.com>:
>
> > Hi Chris,
> >
> > Christopher Carver wrote:
> > >
> > > Thanks for the reply, Kevin. You got me on the right track, but I still
> > don't
> > > quite have it right. It seems as though the users file can only
> manipulate
> >
> > Kevin's solution uses the "hints" file, not the "users" file. You'll need
> to
> > enable the preprocess module in the authorize section of radiusd.conf if it
> > isn't already.
> >
> > cheers,
> > Mike
> >
>
> Thanks for the help Mike and Kevin. Well, I've made the change in the hints
> file. The proprocesses module is matching on the correct line of the hints
> file, but the change to the User-Name isn't actually taking place. It
> continues on to other modules with the same value. From hints (line 1, where
> preprocesses is matching):
>
> DEFAULT
> User-Name := "%{User-Name}@some-isp.com"
>
> I excluded the check for Called-Station-Id for now to keep things simple. I
> use
> radclient to send an access accept packet where the username is "carver"
> along
> with the correct password. Thats the test user account name. Here is the
> radiusd -X output:
>
> rad_recv: Access-Request packet from host 127.0.0.1:32858, id=14, length=46
> User-Name = "carver"
> User-Password = "carver"
> rad_lowerpair: User-Name now 'carver'
> rad_rmspace_pair: User-Name now 'carver'
> modcall: entering group authorize for request 0
> hints: Matched DEFAULT at 1
> modcall[authorize]: module "preprocess" returns ok for request 0
> users: Matched DEFAULT at 10
> modcall[authorize]: module "files" returns ok for request 0
> radius_xlat: 'carver'
> rlm_sql (sql): sql_set_user escaped user --> 'carver'
> radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
> Username = 'carver' ORDER BY id'
> rlm_sql (sql): Reserving sql socket id: 5
> radius_xlat: 'SELECT
>
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
> FROM radgroupcheck,usergroup WHERE usergroup.Username = 'carver' AND
> usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
> radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE
> Username = 'carver' ORDER BY id'
> radius_xlat: 'SELECT
>
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
> FROM radgroupreply,usergroup WHERE usergroup.Username = 'carver' AND
> usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.prio'
> rlm_sql (sql): Released sql socket id: 5
> modcall[authorize]: module "sql" returns ok for request 0
> modcall: group authorize returns ok for request 0
> auth: type Crypt
> Login OK: [carver] (from client localhost port 0)
>
> In theory it should be processing it after hints as carver at some-isp.com. But
> its still using the original username as if the change in hints had never
> ocurred. Any ideas?
>
> Thanks for the help so far. I really appreciate it.
>
> Chris Carver
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
No one has any idea about this?
More information about the Freeradius-Users
mailing list