order of realm processing
green green
gggreen4 at gmail.com
Fri Dec 18 17:46:44 CET 2009
i have domain1\user1 and this get radius proxy correctly to the radius1
server (11.11.11.11) based on ntdomain prefix
have also set the ignore_null = yes
i have user1 at domain1 and this get radius proxy correctly to the radius1
server (11.11.11.11) based on suffix
have also set the ignore_null = yes
*under /modules/realm *
realm ntdomain {
format = prefix
delimiter = "\\"
ignore_default = yes
ignore_null = yes
}
realm suffix {
format = suffix
delimiter = "@"
ignore_default = yes
ignore_null = yes
}
*Under proxy.conf*
realm domain1 {
type = radius
nostrip
authhost = 11.11.11.11:1812
accthost = 11.11.11.11:1813
secret = secret1
}
realm NULL {
type = auth
authhost = 22.22.22.22:1812
accthost = 22.22.22.22:1813
secret = secret1
}
*Debug
*
*[ntdomain] No '\' in User-Name = "user2", skipping NULL due to config.
++[ntdomain] returns noop
[suffix] No '@' in User-Name = "user2", skipping NULL due to config.
++[suffix] returns noop*
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication
may fail because of this.
++[pap] returns noop
No authenticate method (Auth-Type) configuration found for the request:
Rejecting the user
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> user2
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 3 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 3
Sending Access-Reject of id 211 to 3.3.3.3 port 1645
Waking up in 1.0 seconds.
Cleaning up request 2 ID 210 with timestamp +14
Waking up in 3.9 seconds.
Cleaning up request 3 ID 211 with timestamp +17
Ready to process requests.
i have user2 (without domain) and this get rejected, i want it to send to
radius2 server (22.22.22.22) as defined in the NULL domain as defined in the
proxy.conf. Can advise how to do this?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20091219/48efd5cc/attachment.html>
More information about the Freeradius-Users
mailing list