UPN and mschap issues
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Sat Nov 28 13:12:59 CET 2015
Hi,
dont use User-Name - you cant play with that..instead either work on the stripped-user-name
or create your own attribute locally and use that on the ntlm_auth line
what you need to do is some regex to turn the current User-Name, or stripped-user-name
that has already dealt with the realm part giving you just the stripped name.... into the
format you need for it to match the saMAccountname
perhaps some people should have been made aware of all this in some form of change management
process before the AD was messed around with?
FreeRADIUS will let you do what you want using regex and recombining the results of the regex
into the format you want..... but external systems like Office365...well, they will
probably be a big headache if you migrate to them
alan
More information about the Freeradius-Users
mailing list