Some help with etc_smbpasswd auth and eap ttls

tnt at kalik.net tnt at kalik.net
Thu Jan 8 10:54:59 CET 2009


>Ok, I have upgraded to Freeradius version 2.1.3 (following the
>suggestion above). I have configured and gotten everything to work
>except for the domain name stripping at the front of the username (eg:
>HTN/josh). If I dont supply the domain name, authentication succeeds
>perfectly. I am still getting the same error that I was with Freeradius
>version 1.3.1. Ive configured a HTN realm to strip off the HTN part and
>in the debug, it appears to work as stripped-user=josh gets proxied
>back. Then authentication failes in the same way as it did before? It is
>mentioned above that there are 3-4 solutions which are trivial in 2.x.
>Since I have Freeradius basically running, could someone spare some of
>their valuable time with a pointer on stripping off the HTN part of the
>user so authentication will succeed?
..
>[ntdomain] Looking up realm "HTN" for User-Name = "HTN\josh"
>[ntdomain] Found realm "HTN"
>[ntdomain] Adding Stripped-User-Name = "josh"
>[ntdomain] Adding Realm = "HTN"
>[ntdomain] Authentication realm is LOCAL.
>++[ntdomain] returns ok
>++[control] returns ok
>[eap] EAP packet type response id 1 length 67
>[eap] No EAP Start, assuming it's an on-going EAP conversation
>++[eap] returns updated
>++[files] returns noop
>++[etc_smbpasswd] returns notfound

You don't have entry josh in users file. Is it suposed to be in
smbpasswd? Put Stripped-User-Name in the file format.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list