Logging ntlm authentication
Sion
mleasd at gmail.com
Fri Sep 3 17:39:54 CEST 2010
On Fri, Sep 3, 2010 at 4:25 PM, Alan DeKok <aland at deployingradius.com> wrote:
> Sion wrote:
>> That was one of the first things I did after reading the debug output
>> originally - I've got 'linelog' in the post-auth section of the
>> "inner-tunnel" in addition to the "default" virtual server.
>
> The post-auth section of "inner-tunnel" isn't used, unfortunately.
Ahh ok, that explains it.
>
>> If I take
>> linelog completely out of the default virtual server so that it's only
>> defined in the post-auth of the inner-tunnel no log is generated at
>> all.
>
> $ man unlang
>
> You can use the inner-tunnel config to update the outer attributes,
> and then log them in the outer virtual server.
This had actually crossed my mind but I had tried testing this in the
post-auth section as well.
What section should I do this in? Would something like this work?
update outer {
MS-CHAP-Error = "%{reply:MS-CHAP-Error}"
}
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list