suffix not work for me
Phil Mayers
p.mayers at imperial.ac.uk
Thu Sep 27 18:58:28 CEST 2012
On 27/09/12 17:06, Tony Peña wrote:
> i put the hint file more below after radiusd -X.. check again please...
> i miss policyfilter...
> i send again both.
>
> /etc/freeradius/hints
>
> DEFAULT Suffix == "@my.domain.cu", Strip-User-Name
Don't do this. It doesn't work reliably, because you modify the
username, which breaks some things.
Stop using the hints file, and instead do something like this:
authorize {
...
if (User-Name =~ /^(.+)@my.domain.co/) {
update request {
Stripped-User-Name := "%{1}"
}
}
...
}
As Alan has pointed out, you can also do this with the "realm" module:
authorize {
...
suffix
...
}
...but to do that, you ALSO need to edit proxy.conf and define a fake
local realm. Personally I find this confusing and like to separate proxy
realms from username realms.
More information about the Freeradius-Users
mailing list