HINTS and EAP correspondence issue.
Matthieu Lazaro
matthieu.lazaro at eservglobal.com
Mon Oct 19 14:36:42 CEST 2009
Ivan Kalik a écrit :
>>> Trying to set up machine authentification, I have been able to rewrite
>>> my user-name to match my requirements in my Open ldap: get rid of the
>>> host/ and add $ ( host/machinename --> machinename$) using hints.
>>> But it ends up with this error after ldap authorisation:
>>> [eap] Identity does not match User-Name, setting from EAP Identity
>>> And it fails the authentification part.
>>>
>>> How can I tell EAP the new user name?
>>>
>>> It works when I use realm in proxy.conf and remove the $ at the end of
>>> the machine uid in my ldap, but this won't do as I don't want to rename
>>> all the uids.
>>>
>
> You can't. Altering User-Name breaks EAP.
>
>
>> I have checked again, files are uncommented in my inner-tunnel
>> configuration and hints is reprocessed.
>>
>> Thanks for any suggestions.
>>
>
> Alter ldap information. It's not AD so don't use it's naming conventions.
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
Thanks,
This is exactly what I thought, I wanted to be sure.
I'll alter LDAP information as proxy REALM works very well.
Best regards,
Matthew
More information about the Freeradius-Users
mailing list