active directory host authentication
Joe Vieira
jvieira at clarku.edu
Wed Apr 18 20:06:45 CEST 2007
>
> well, you can use regexp/attr_filter to look for these systems
> and then just chop off the activedirectorydomain.domain.domain. part
> thus allowing the AD REALM to be forced by yourselves.
>
>
I tried something similar i used attr_rewrite to replace the bad parts
of User-Name with the modified correct values, it, however because i am
using eap-ttls, i got an eap error
"rlm_eap: Identity does not match User-Name, setting from EAP Identity.
rlm_eap: Failed in handler"
can you point me to a doc where the attr_filter is explained better?
from reading the comments/documentation i got the impression it was
primarily used for proxying, and wouldn't work for other things...
Joe
More information about the Freeradius-Users
mailing list