active directory host authentication

Joe Vieira jvieira at
Wed Apr 18 21:20:19 CEST 2007

ah! you really cannot play with User-Name - as you have found, the client
> doesnt like that to be changed. what you want to do is copy User-Name
> to Stripped-User-Name and then play with Stripped-User-Name - and
> use that in the rest of the stages.
how do i copy User-Name to something else?

what i ended up doing (it's not super pretty, but works) is using Hints 
and if prefix == "host"  (as machines auth as host/blahblah) then i set 
a new attribute called domain and use that for the auth, and if i get a 
real domain as the prefix i just assign that as the attribute 
domain...not pretty but it works.


More information about the Freeradius-Users mailing list