Upgrade to v2.1.9 - ntdomain logon issues
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Wed Sep 8 20:35:04 CEST 2010
Hi,
> [copy.user-name] expand: %{User-Name} -> SMB001\bob
> copy.user-name: Added attribute Stripped-User-Name with value 'SMB001\bob'
> ++[copy.user-name] returns ok
> [add-dollar-sign] expand: ^(host/.*) -> ^(host/.*)
> add-dollar-sign: Does not match: Stripped-User-Name = SMB001\bob
> ++[add-dollar-sign] returns ok
> [strip-realm-name] expand: ^(.*[\/]+) -> ^(.*[\/]+)
> strip-realm-name: Changed value for attribute Stripped-User-Name from
> 'SMB001\bob' to 'bob'
> ++[strip-realm-name] returns ok
WARNING - ALERT - WARNING
those particular filters look way way too familiar to me. they look like
some kind of FreeRADIUS 1.0.x hack that I would have told someone to put into
their config back in around 2007 or so.
you do not need that sort of stuff in FreeRADIUS 2.x
what you are doing is messing around with the EAP identity
and thus EAP will break.
I'd advise that you take a nice clean FreeRADIUS 2 config, then edit the
small parts that you need to edit to get a working system -
clients.conf
so that NAS devices can talk to it
eap.conf
so that your EAP is correct
then the ldap files - as you appear to use LDAP.
there might be some other minor bits that need tweaking...but that'll
be fairly obvious when you throw test clients at it
alan
More information about the Freeradius-Users
mailing list