How to cut the realm from a username before it is sent to authenticate against ldap with ttls/pap
Andy An
andyan at eciad.ca
Thu Jul 17 00:31:11 CEST 2008
Hi Alan/Ivan:
Thanks for your useful posts on this mailing list so I could configured
all basic stuff to work finally(though it's still a little challenging
for me as a beginner) .
Now two more specific problems would like to get your further help/guide:
1. How could I get a username/password authenticated against ldap
without its realm if there is one(i.e. cut away the realm @something.ca)?
I used Freeradius 2.0.5. We need this to see if:
* A user is a home user and log in from home NAS/AP (in this case he
may not use any realm at all)
* or a user is a home user but log in from other colleage/university
and proxied home by our upper eduroam proxy server at the guest
college/university
* or a user is a roaming user from other college/university and we
need to proxy the request to the upper eduroam radius server and finally
back to his home
college/university for authenticating.
2. How could I get the client IP addresses to fill the "framedipaddress"
field in the table raddacc?
I used mysql as my accounting DB and the client ip addresses assigned by
a dhcp server sitting in the LAN/VLAN.
Now the field "framedipaddress" or "client-ip_address" is empty.
Thank you in advance for your great help!
--
Andy An Junior Programmer
Information Technology Services
Emily Carr University of Art and Design
Tel: 604-630-4556 Fax: 604-844-3801
SB Room 341
More information about the Freeradius-Users
mailing list