EAP-TLS - About username sent by supplicant

Alexism alexis.masset at adeoservices.com
Fri Dec 14 14:13:41 CET 2007 

Hello,

I have the same problem but this procedure don't work in my environment
(FREERADIUS, OpenLDAP, SAMBA).

I have this eap error : rlm_eap: Identity does not match User-Name, setting
from EAP Identity.
  rlm_eap: Failed in handler

Can you send me your radiusd.conf ?

Regards



OLIVER Patrice wrote:
> 
> Hello,
> 
> It works, thanks. :)
> 
> Regards.
> 
> -----Original Message-----
> From: A.L.M.Buxey at lboro.ac.uk
> To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
> Date: Fri, 14 Dec 2007 09:39:08 +0000
> Subject: Re: EAP-TLS - About username sent by supplicant
> 
>> Hi,
>> 
>> > My question deals with the username sent by the supplicant when the
>> authentication goes on. At
>> boot
>> > time, the username sent is : host/user_name. After the login, the
>> username sent is : user_name.
>> So, I
>> > have to create 2 users. I want to cut 'host/' to make this task easier.
>> It is possible ? How do I
>> do this ?
>> 
>> attr_filter or somesuch eg put these into radiusd.conf
>> 
>> attr_rewrite copy-user-name {
>> attribute = Stripped-User-Name
>> new_attribute = yes
>> searchfor = ""
>> searchin = packet
>> replacewith = "%{User-Name}"
>> }
>> 
>> attr_rewrite remove-host {
>> attribute = Stripped-User-Name
>> searchfor = "^(host/.*)"
>> searchin = packet
>> new_attribute = no
>> replacewith = "%{1}"
>> }
>> 
>> and then call these 2 functions in your authorize section
>> (radiusd.conf or sites-enabled/wherever (for FR 2.0) )
>> 
>>         copy-user-name
>>         remove-host
>> 
>> just before the other modules are called - eg chap, auth_log etc etc
>> 
>> alan
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> 
> 

-- 
View this message in context: http://www.nabble.com/EAP-TLS---About-username-sent-by-supplicant-tp14331648p14334549.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.

More information about the Freeradius-Users mailing list