Removing domain prefix from login
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Thu Nov 10 17:20:58 CET 2011
Hi,
> rad_recv: Access-Request packet from host 172.20.40.11 port 1025, id=21, length=218
<snip>
> User-Name = "OPTARE\\brouco"
<snip>
all okay....but then:
> # Executing section authorize from file /etc/freeradius/sites-enabled/default
> +- entering group authorize {...}
> ++[preprocess] returns ok
> ++[mschap] returns noop
> ++[digest] returns noop
> [ldap] performing user authorization for brouco
> [ldap] expand: %{Stripped-User-Name} ->
no stripped-user-name
and User-Name is brouco - but thats not what the client sent. they sent OPTARE\\brouco -
so your reply reference something they didnt send.
have you got 'ntdomain' module enabled in your virtual servers - just after the 'preprocess'
is called?
alan
More information about the Freeradius-Users
mailing list