New User and AD Question
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Tue Mar 1 00:53:59 CET 2011
Hi,
> I'll try it, but I've read it, and I don't see how this (from realm module):
>
> #
> # 'domain\user'
> #
> realm ntdomain {
> format = prefix
> delimiter = "\\"
> }
>
> Is going to apply to this:
>
> User-Name = "host/doit-tcb-agl.col.missouri.edu"
ignore me. i'm tired. yes, this is a little bit of pain. you'll be best off using a bit of unlang eg
(put this in the authorize section of your main virtual server)
if ( User-Name =~ /^host\//i ) {
if ( User-Name =~ /\\.col\\.missouri\\.edu$/i ) {
update control {
Proxy-To-Realm := "col.missouri.edu"
}
}
}
this will then throw the packet to the the part of proxy.conf that has
col.missouri.edu
a bit of regex foo and you can use %{1} return operators etc rather than
hardcode things if you want.... alternatively you can deal with what you know as yours
and then identity what isnt yours and reject or proxy them
machine auth can be pretty nasty...
alan
More information about the Freeradius-Users
mailing list