Trying to strip the Windows Domain name from a login

Alan DeKok aland at
Wed Jan 26 14:52:59 CET 2011

Brett Littrell wrote:
>     First you mention looking into the realm information, did that, it
> is looking like that may not be to hard to do, if I am using the FR
> server to access the LDAP server then I just need to set a realm of
> ntdomain and auth=LOCAL, correct?


>  Then you go on to say strip the
> domain at the LDAP lookup, well if I do it there wouldn't that fix the
> problem regardless of changing the realm?

  I'm not sure what you mean by that.

>  You go on to explain that I
> should do the LDAP lookup in the inner-tunnel config, I have no problem
> with this, it makes sense, the problem I have is how do you specify the
> inner tunnel in the configuration?

  Edit the inner-tunnel configuration file.

>    Remember, I am new to FreeRadius, been using Cisco ACS for a few
> years now so I know about Radius in general, just not how to configure
> FreeRadius and docs are a bit hard to come by.

  See the Wiki, and the comments in the configuration files.
*Everything* is documented.  But there are few "howtos" for specific
situations.  You've got to understand the pieces, and put the solution
together yourself.

  Alan DeKok.

More information about the Freeradius-Users mailing list