LDAP Group Against AD Issue
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Mon Mar 21 15:52:44 CET 2016
Hi,
> (7) ldap: EXPAND (sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}})
> (7) ldap: --> (sAMAccountName=applause\5c5csystest)
> (7) ldap: Performing search in "OU=User
> Accounts,DC=corp,DC=applause,DC=com" with filter
> "(sAMAccountName=applause\5c5csystest)", scope "sub"
sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}}
but you are getting applause\5c5csystest fed through....which means stripped-user-name
isnt populated - so just ensure that either 1) you have your domaion listed in proxy.conf
eg
applause {
}
and that prefix is being called before ldap module etc
or 2) set stripped-user-name yourself with some unlang and a regex to the pattern of the
user-name (messy/hacky but will als do the job - just doing 1) and letting freeradius
deal with it all is the best way.....)
alan
More information about the Freeradius-Users
mailing list