Problem with realm

Christian Hohmann Christian-Hohmann at web.de
Mon Apr 23 10:31:44 CEST 2007 

Hi,

I'm trying to configure freeradius for Authentication with username and pwd. It works if I enter the information directly, but if i configure the client to authenticate with username and password, it transmitts HOSTNAME\USERNAME. I discovered realms, but i can't get it work. I hope that you can help me with a hint, i added my radiusd.conf below.

Regards - Christian
################

prefix = /usr
exec_prefix = ${prefix}
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/radiusd
log_file = ${logdir}/radius.log
libdir = /usr/lib/freeradius
pidfile = ${run_dir}/radiusd.pid

user = root
group = root

max_request_time = 30
delete_blocked_requests = no
cleanup_delay = 5
max_requests = 1024

bind_address = *
port = 0

hostname_lookups = no
allow_core_dumps = no
regular_expressions	= yes
extended_expressions	= yes

log_stripped_names = yes
log_auth = no
log_auth_badpass = no
log_auth_goodpass = no

usercollide = no
lower_user = no
lower_pass = no
nospace_user = no
nospace_pass = no
checkrad = ${sbindir}/checkrad

security {
	max_attributes = 200
	reject_delay = 1
	status_server = no
}

proxy_requests  = no
$INCLUDE  ${confdir}/clients.conf
snmp	= no

thread pool {
	start_servers = 5
	max_servers = 32
	min_spare_servers = 3
	max_spare_servers = 10
	max_requests_per_server = 0
}

modules {
	chap {
		authtype = CHAP
	}
	unix {
		cache = no
		cache_reload = 600
		radwtmp = ${logdir}/radwtmp
	}
$INCLUDE ${confdir}/eap.conf
	mschap {
		authtype = MS-CHAP
	}

	realm ntdomain {
		format = prefix
		delimiter = "\\"
		ignore_default = no
		ignore_null = no
	}	

	preprocess {
		ascend_channels_per_line = 23
		with_ntdomain_hack = no
	}

	files {
		usersfile = ${confdir}/users
		preproxy_usersfile = ${confdir}/preproxy_users
		compat = no
	}

	detail {
		detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
		detailperm = 0600
	}

	acct_unique {
		key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
	}

	radutmp {
		filename = ${logdir}/radutmp
		username = %{User-Name}
		case_sensitive = yes
		check_with_nas = yes		
		perm = 0600
		callerid = "yes"
	}

	attr_filter {
		attrsfile = ${confdir}/attrs
	}

	expr {
	}

	exec {
		wait = yes
		input_pairs = request
	}

	exec echo {
		wait = yes
		program = "/bin/echo %{User-Name}"
		input_pairs = request
		output_pairs = reply
	}
}

instantiate {
	exec
	expr
}
authorize {
	preprocess
	chap
	mschap
	ntdomain
	eap
	files
}

authenticate {
	Auth-Type PAP {
		pap
	}

	Auth-Type CHAP {
		chap
	}

	Auth-Type MS-CHAP {
		mschap
	}
	unix
	eap
}

preacct {
	preprocess
	acct_unique
	ntdomain
	files
}

accounting {
	detail
	unix
	radutmp
}

session {
	radutmp
}

post-auth {
}

_______________________________________________________________
SMS schreiben mit WEB.DE FreeMail - einfach, schnell und
kostenguenstig. Jetzt gleich testen! http://f.web.de/?mc=021192

More information about the Freeradius-Users mailing list