Stripped-User-Name not set when using nostrip?

Alan DeKok aland at
Thu Jul 4 01:27:27 CEST 2013

Júlíus Þór Bess Ríkharðsson wrote:
> I'm not sure why you say that my LDAP is not working because in the
> second debug output you can see that I find the object and use it's DN
> and also extract an attribute from the object. There is no known good
> password however because AD doesn't store clear-text passwords.

  Then you're not really using an LDAP server.  See my web page for
instructions on getting FreeRADIUS to work with AD:

> I made this setup so that I could keep things separated. I wanted
> everything for that domain to be handled in it's own virtual-server. I
> thought that was your idea? Am I misunderstanding virtual-servers?

  No. But you're PROXYING the tunneled request.  Why?  The
"inner-tunnel" virtual server already handles the tunneled request.

> So... is the conclusion that; this is the behaviour of User-Name when
> proxied?

  Follow the instructions in my previous message.  DON'T proxy the inner
tunnel data.

  It's that easy.

  You're ignoring my instructions.  You're asking irrelevant questions.
 You can try to figure out *why* it's going wrong.  Or, you can follow
instructions and have it work.

  Which one do you prefer?

  Alan DeKok.

More information about the Freeradius-Users mailing list