Hints file and Strip-User-Name

Paul Khavkine paul.khavkine at distributel.ca
Tue Jun 3 18:37:25 CEST 2008 

Hi.

 

I'm trying to match a suffix in the username using the hints file and
strip the suffix.

 

I have the following configured:

 

raddb/hints:

 

DEFAULT Suffix == ".d", Strip-User-Name = Yes

        Hint = "Dynamic"

 

raddb/users:

 

DEFAULT Hint == "Dynamic"

        Framed-IP-Address := 255.255.255.254,

        Fall-Through = Yes

 

user    Cleartext-Password := "password"

        Service-Type = Framed-User,

        Framed-IP-Address = XXX.XXX.XXX.XXX,

        Framed-Protocol = PPP,

        Framed-Routing = None,

        Session-Timeout = 604800,

        Idle-Timeout = 86400,

        Framed-MTU = 1500,

        Framed-Compression = Van-Jacobsen-TCP-IP

 

When run radiusd -W I can see it enter the preprocess module and match
an entry, but the suffix is not being stripped and entry in users file
not being matched:

 

Tue Jun  3 12:54:15 2008 : Debug: +- entering group authorize

Tue Jun  3 12:54:15 2008 : Debug:   modsingle[authorize]: calling suffix
(rlm_realm) for request 0

Tue Jun  3 12:54:15 2008 : Debug:     rlm_realm: No '@' in User-Name =
"user.d", looking up realm NULL

Tue Jun  3 12:54:15 2008 : Debug:     rlm_realm: No such realm "NULL"

Tue Jun  3 12:54:15 2008 : Debug:   modsingle[authorize]: returned from
suffix (rlm_realm) for request 0

Tue Jun  3 12:54:15 2008 : Debug: ++[suffix] returns noop

Tue Jun  3 12:54:15 2008 : Debug:   modsingle[authorize]: calling
preprocess (rlm_preprocess) for request 0

Tue Jun  3 12:54:15 2008 : Debug:   hints: Matched DEFAULT at 79

Tue Jun  3 12:54:15 2008 : Debug:   modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 0

Tue Jun  3 12:54:15 2008 : Debug: ++[preprocess] returns ok

Tue Jun  3 12:54:15 2008 : Debug: auth: No authenticate method
(Auth-Type) configuration found for the request: Rejecting the user

Tue Jun  3 12:54:15 2008 : Debug: auth: Failed to validate the user.

Tue Jun  3 12:54:15 2008 : Auth: Login incorrect: [user.d/password]
(from client ERX-LAB port 2152726802 cli #ERX01.OTWODDS#BLC01.OTW23DS
atm 3/1:0.35#)

Tue Jun  3 12:54:15 2008 : Debug:   Found Post-Auth-Type Reject

Tue Jun  3 12:54:15 2008 : Debug: +- entering group REJECT

Tue Jun  3 12:54:15 2008 : Debug:   modsingle[post-auth]: calling
attr_filter.access_reject (rlm_attr_filter) for request 0

Tue Jun  3 12:54:15 2008 : Debug:       expand: %{User-Name} -> user.d

Tue Jun  3 12:54:15 2008 : Debug:  attr_filter: Matched entry DEFAULT at
line 11

Tue Jun  3 12:54:15 2008 : Debug:   modsingle[post-auth]: returned from
attr_filter.access_reject (rlm_attr_filter) for request 0

Tue Jun  3 12:54:15 2008 : Debug: ++[attr_filter.access_reject] returns
updated

Tue Jun  3 12:54:15 2008 : Debug: Delaying reject of request 0 for 1
seconds

Tue Jun  3 12:54:15 2008 : Debug: Going to the next request

Tue Jun  3 12:54:15 2008 : Debug: Waking up in 0.9 seconds.

Tue Jun  3 12:54:16 2008 : Debug: Sending delayed reject for request 0

Tue Jun  3 12:54:16 2008 : Debug: Waking up in 4.9 seconds.

Tue Jun  3 12:54:21 2008 : Debug: Cleaning up request 0 ID 5 with
timestamp +79

Tue Jun  3 12:54:21 2008 : Debug: Ready to process requests.

 

Any ideas ?

 

I'm running FreeRADIUS 2.0.3.

 

 

Thanx

Paul

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080603/996c3bc6/attachment.html>

More information about the Freeradius-Users mailing list