Username from LDAP in proxy request
Ivan Kalik
tnt at kalik.net
Mon Aug 31 19:27:56 CEST 2009
> I'm looking for some help with proxying requests using free-radius. I
> have
> a situation where I need to perform a query to an LDAP that contains
> both
> the back-end authentication server as well as username for a user. For
> example, the User-Name in the originating request may be User1.
> FreeRADIUS
> then queries LDAP, which contains attributes called authenticationserver
> and
> authenticationuname. The authenticationserver is where the request
> should
> be proxied to, and the authenticationuname is the User-Name that should
> be
> substituted for the original user-name in the proxy request. I have the
> first part working, where I mapped authenticationservername to
> Proxy-To-Realm in the ldapmap file. I also setup all the possible
> values as
> realms. The server is now forwarding requests based on what it gets
> back in
> the LDAP query. I'm stuck however at trying to substitute the User-Name
> from what is retrieved from LDAP.
> Anybody know anyway to do this?
Create a new attribute New-User-Name in raddb/dictionary. Map it to
authenticationuname in ldap.attrmap. Use unlang to replace User-Name with
it in pre-proxy section.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list