Removing domain prefix from login

Alan Buxey A.L.M.Buxey at
Thu Nov 10 17:20:58 CET 2011


> rad_recv: Access-Request packet from host port 1025, id=21, length=218

> 	User-Name = "OPTARE\\brouco"


all okay....but then:

> # Executing section authorize from file /etc/freeradius/sites-enabled/default
> +- entering group authorize {...}
> ++[preprocess] returns ok
> ++[mschap] returns noop
> ++[digest] returns noop
> [ldap] performing user authorization for brouco
> [ldap] 	expand: %{Stripped-User-Name} -> 

no stripped-user-name

and User-Name is brouco  - but thats not what the client sent. they sent OPTARE\\brouco -
so your reply reference something they didnt send.

have you got 'ntdomain' module enabled in your virtual servers - just after the 'preprocess'
is called?


More information about the Freeradius-Users mailing list