Authenticating to LDAP not stripping prefix

Christopher Shields cshields at waubonsee.edu
Thu Jul 2 21:57:19 CEST 2009


Hello All,
I'm new to the list so please excuse any obvious exclusions.
 
I have setup free radius to authenticate against our ldap directory and
this works fine until I try to use the windows login and password
instead of being prompted for one.  It puts the prefix of either the
workstation name or the domain name in front.  How do I strip these out?
 My ldap configuration is below and tls is configured and working I just
left it out.  Freeradius 2 on SUSE.
Thanks.
 
 
ldap {
 #
 #  Note that this needs to match the name in the LDAP
 #  server certificate, if you're using ldaps.
 server = "ldap-server"
 identity = "cn=admin,o=wcc"
 password =  sfasdf
 basedn = "ou=users,o=wcc"
 filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
 #base_filter = "(objectclass=radiusprofile)"
 
 #  How many connections to keep open to the LDAP server.
 #  This saves time over opening a new LDAP socket for
 #  every authentication request.
 ldap_connections_number = 5
 
 # seconds to wait for LDAP query to finish. default: 20
 timeout = 4
 
 #  seconds LDAP server has to process the query (server-side
 #  time limit). default: 20
 #
 #  LDAP_OPT_TIMELIMIT is set to this value.
 timelimit = 3
 
 #
 #  seconds to wait for response of the server. (network
 #   failures) default: 10
 #
 #  LDAP_OPT_NETWORK_TIMEOUT is set to this value.
 net_timeout = 1
 
 #
 #  This subsection configures the tls related items
 #  that control how FreeRADIUS connects to an LDAP
 #  server.  It contains all of the "tls_*" configuration
 #  entries used in older versions of FreeRADIUS.  Those
 #  configuration entries can still be used, but we recommend
 #  using these.
 #
 
 
Christopher Shields   Network Support Services Manager   630.466.5732  
cshields at waubonsee.edu 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090702/e6117b05/attachment.html>


More information about the Freeradius-Users mailing list