User-Name missing realm in Access-Accept
Alain Péan
alain.pean at lpn.cnrs.fr
Thu Aug 13 18:19:57 CEST 2015
Hi Alan,
Le 12/08/2015 17:46, A.L.M.Buxey at lboro.ac.uk a écrit :
> however, for what you propose, you are better off using a policy in policy.conf
> that does multiple checks for a valid name (including having a "@") - this
> is effective, scalable and ensures ou have a single defined policy for any V-S you may have
> and ALSO gets you more ready for 3.x:-)
I forgot to answer, but thanks for the advice. I plan to upgrade to 3.x
when it is available in Ubuntu LTS (16.04).
There is already this policy in the file :
# Forbid all attempts to login via realms.
#
deny_realms {
if (User-Name =~ /@|\\/) {
reject
}
}
So I suppose it would be the opposite, but requesting another regex...
Thanks,
Alain
--
Administrateur Système/Réseau
Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20)
Centre de Recherche Alcatel Data IV - Marcoussis
route de Nozay - 91460 Marcoussis
Tel : 01-69-63-61-34
More information about the Freeradius-Users
mailing list