User-Name Modification Assistance
Alan DeKok
aland at deployingradius.com
Fri May 11 18:04:39 CEST 2018
On May 11, 2018, at 12:00 PM, Jeremy Lundquist <pmudan01 at gmail.com> wrote:
> So the password is the issue as not only does this NAS vendor not put the
> MAC in the correct format but they are also currently not sending a
> password :)
Then why is it doing EAP-MD5?
And yes.. the specs *do* require it to send a password.
> In an attempt to get around this for this vendor I'm trying to manually set
> the User-Password then.
You don't need to set it. You can just check that the MAC exists in the DB, and then run the "accept" policy. That will cause the user to be authenticated, and will skip all password checks.
> So this should leave username as the original, but change the
> Stripped-User-Name and set User-Password (I can see/verify this in the
> debug as see these values entered into the DB radauthpost table). I've also
> configure the SQL queries to use Stripped-User-Name. And I've included this
> into my authorization section of site-enables/default, but I'm still
> getting the EAP failure as shown in the previous debug: Should I be adding
> it elsewhere also or am I missing something still?
That should work.
Alan DeKok.
More information about the Freeradius-Users
mailing list