Username with dot issue
Herwin Weststrate
freeradius at herwinw.nl
Wed Nov 1 18:03:48 CET 2017
Satish Patel wrote:
> I have setup freeradius with LDAP and we have may user account
> starting with "dot" example "foo.bar" but i found somewhere it
> getting strip off and only showing "foo" in logs.
Well, it's doing exactly what you configured it to do, altough that's
probably not what you want it to do.
>
> I have this setting in hint file, we are doing proxy to other radius
> too. I have check policy file too but nothing matching there.
>
> DEFAULT User-Name =~ "^([a-z]{1,25})"
> User-Name := "%{1}@EXAMPLE"
This mean: if the User-Name starts with 1 up to 25 alphabetical
characters, replace it with that match appended with "@EXAMPLE"
> Tue Oct 31 17:13:01 2017 : Debug: (3) User-Name = "foo.bar"
> Tue Oct 31 17:13:01 2017 : Debug: (3) preprocess: ::: Examining User-Name
> Tue Oct 31 17:13:01 2017 : Debug: (3) preprocess: 1/2 Found: foo (4)
The User-Name does match, because it starts with alphabetical chars. We
match the "foo" of "foo.bar", that match is stored in the "%{1}" expansion.
> Tue Oct 31 17:13:01 2017 : Debug: (3) preprocess: EXPAND %{1}@EXAMPLE
> Tue Oct 31 17:13:01 2017 : Debug: (3) preprocess: --> foo at EXAMPLE
Here it performs the expansion and replaces the User-Name with
"foo at EXAMPLE".
As for how to fix it: I have no idea what you're trying to achieve.
--
Herwin Weststrate
More information about the Freeradius-Users
mailing list