Cut domain from username

Alan Buxey alan.buxey at
Mon Aug 13 18:10:29 CEST 2018

don't play with user-name - just ensure that you are logging the stripped
username and that you are, for acct, proxying the stripped name


On 13 August 2018 at 15:59, Алексей Морозенко <alexmorozenko at>

> Hi to all.
> I've set up FreeRADIUS(3.0.17)+LDAP(FreeIPA) and everything works..
> ..but some people put domain in their's login (like username at or
> even username at
> Authorization succeds (because of use of Stripped-User-Name) but I see
> username at logins in my Wifi console.
> Another issue is that FreeRADIUS proxies acct requests to the gateway where
> group based policy is applied. There is no username at in LDAP,
> just username, so I have empty group and minimal access
> Of course, I can administratively prohibit logins with (filter
> policy), but maybe there is more elegant way to just convert User-Name
> in Stripped-User-Name regardless of user input?
> Thanks in advance.
> --
> Best regards, Alex Morozenko
> -
> List info/subscribe/unsubscribe? See
> list/users.html

More information about the Freeradius-Users mailing list