Freeradius problem, EAP-TTLS works fine, EAP-PEAP does not

[Jean-Yves Avenard]

Hi

On Tuesday, August 31, 2010, Alan DeKok <aland at deployingradius.com> wrote:
>   The first debug log shows the user being found by the "unix" module.
> i.e. the User-Name has an entry in /etc/passwd, or the Apple equivalent.
>
>   The second debug log shows that the user is *not* found by the "unix"
> module.
>

Yes, because in the 2nd case, Win 7 sent the name of the computer instead.
>
>   I'm aware of that.  I'm saying that *you* need to figure out which is
> which, and edit the configuration to use the right one.

But configuration where? on the freeradius server or win 7?

>
>> If you could point me to directions on how to configure the server for
>> (b), it would be greatly appreciated.
>
>   Edit raddb/sites-enabled/inner-tunnel, the "authorize" section:
>
> authorize {
>         ...
>
>         if (User-Name =~ /\/(.*)/) {
>                 update request {
>                         Stripped-User-Name := "%{1}"
>                 }
>         }
>         ...
> }

This would only help if the user format is in the form of blah/user ;
which it isn't when the user name is sent and not the computer's name.

Looking at the log, I don't think that when win7 sent the computer
name as the login, the user's name is sent anywhere, so configuration
change can only be done on the win7 client

JY