choose proxy based on AD
David McPike
davidmcpike at gmail.com
Wed Sep 29 19:49:08 CEST 2010
Excellent! Thanks, Alan. I have all my test cases working now except
for one. I still need to retain the original realm information in the
supplied User-Name. The old radius server needs it as part of the
username to know which child domain controller to contact for
authentication, otherwise auth fails.
In other words, if I proxy to the old radius server, the username
needs to be realm\user again.
Thanks for any further insight.
David
On Wed, Sep 29, 2010 at 11:39 AM, Alan DeKok <aland at deployingradius.com> wrote:
> David McPike wrote:
>> The problem is that if the user has not been migrated to the new
>> domain I need to retain the supplied realm information and proxy
>> realm\user to the old radius server.
>>
>> What else can I do to accomplish this?
>
> update control {
> Proxy-To-Realm := "foo"
> }
>
>
> That is *all* that the "realm" module does. You can do it, too. If
> you over-write an existing "Proxy-To-Realm" setting, then the old one is
> ignored, and the new one is applied.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list