order of realm processing

green green gggreen4 at gmail.com
Fri Dec 18 17:46:44 CET 2009 

i have domain1\user1 and this get radius proxy correctly to the radius1
server (11.11.11.11) based on ntdomain prefix
have also set the ignore_null = yes

i have user1 at domain1 and this get radius proxy correctly to the radius1
server (11.11.11.11) based on suffix
have also set the ignore_null = yes

*under /modules/realm *
realm ntdomain {
        format = prefix
        delimiter = "\\"
        ignore_default = yes
        ignore_null = yes
}

realm suffix {
        format = suffix
        delimiter = "@"
        ignore_default = yes
        ignore_null = yes
}


*Under proxy.conf*

realm domain1 {
       type             = radius
       nostrip
       authhost        = 11.11.11.11:1812
       accthost        = 11.11.11.11:1813
       secret          = secret1
}

realm NULL {
      type = auth
       authhost        = 22.22.22.22:1812
       accthost        = 22.22.22.22:1813
       secret          = secret1
}


*Debug
*
*[ntdomain] No '\' in User-Name = "user2", skipping NULL due to config.
++[ntdomain] returns noop
[suffix] No '@' in User-Name = "user2", skipping NULL due to config.
++[suffix] returns noop*
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.  Authentication
may fail because of this.
++[pap] returns noop
No authenticate method (Auth-Type) configuration found for the request:
Rejecting the user
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> user2
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 3 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 3
Sending Access-Reject of id 211 to 3.3.3.3 port 1645
Waking up in 1.0 seconds.
Cleaning up request 2 ID 210 with timestamp +14
Waking up in 3.9 seconds.
Cleaning up request 3 ID 211 with timestamp +17
Ready to process requests.

i have user2 (without domain) and this get rejected, i want it to send to
radius2 server (22.22.22.22) as defined in the NULL domain as defined in the
proxy.conf.  Can advise how to do this?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20091219/48efd5cc/attachment.html>

More information about the Freeradius-Users mailing list