Adding realm to username
Dariusz Nowak
Dariusz.Nowak at dionglobal.com
Mon Nov 13 09:30:28 CET 2017
Hello,
First of all apologies for not answering under actual email - using mobile client and it's breaking my rules.
Why?
I've got the issue that I'm in the middle of changes to AD auth for Linux servers - so technically can have user bob (local unix user) and bob at mydomain.com that is my AD account on this box. Want to distinguish based on client IP what user is coming.
Many thanks will give it a try.
Also updated FreeRadius version to newest version from website.
Thanks for help
D
From: Freeradius-Users <freeradius-users-bounces+dariusz.nowak=dionglobal.com at lists.freeradius.org> on behalf of Alan DeKok <aland at deployingradius.com>
Sent: 11 November 2017 13:20
To: FreeRadius users mailing list
Subject: Re: Adding realm to username
On Nov 11, 2017, at 8:14 AM, Dariusz Nowak <Dariusz.Nowak at dionglobal.com> wrote:
>
> I'm looking for guidance how to configure following scenario:
> If user came from host XXX (client IP) without specifying realm/domain (so ex. bob instead of bob at mydomain.com) I need to add it to the request.
Why?
If you're doing EAP, this will break EAP.
> I've found many example how to do that in otherway around - so if stripping domain from incoming request.
>
> Can somebody give me some guidance how I can achieve that?
Edit the User-Name attribute:
update request {
User-Name := "%{User-Name}@example.com"
}
> I've had a quick look on config/Proxy and correct me if I'm wrong but I believe this is what I need to use to configure it? It's just getting little bit blurry when I'm going to "What Happens" section and it mentioning hints.
The server has a lot of things it can do, but those are usually for specific scenarios.
For editing the User-Name, just edit the User-Name. That's what "unlang" is for.
> I'm using FreeRadius 3.0.4-6 on Centos7.
Ugh. You should upgrade to a version released in the last 3 years.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list