New User and AD Question
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Tue Mar 1 11:01:01 CET 2011
Hi,
> I took this code and modified it, assuming that if the code I wrote before (which tries to use "COL.MISSOURI.EDU" as the realm) doesn't work, I can use the code above to take FOO.MISSOURI.EDU and proxy to the NT domain FOO-USERS, which is more than just massaging the User-Name field. The switch statement will be necessary to translate the AD domain into the correct NT domain.
this stuff doesnt touch the User-Name - it just looks at it and alters the servers proxy choosing behaviour which
is what makes it useful and powerful.
the language is 'unlang' - its a built in parser in freeradius - making the server very powerful by being able to
actually put coding logic into the config files....in short its brilliant. 'man unlang' for more info
> "radiusd -XC" likes it. Hopefully, I'll be able to tell if one or both of these schemes works fairly early tomorrow.
I was going to suggest a session of radiusd -X because in the output you can actually SEE the logic decisions
being made - which really really helps with dealing with false/true hits where you might not expect them..
the old 'why didnt that match?' question gets answered very quickly
alan
More information about the Freeradius-Users
mailing list