Username case insensitivity

Luveh Keraph 1.41421 at gmail.com
Fri Feb 21 23:44:59 CET 2020


> On Feb 21, 2020, at 5:48 PM, Luveh Keraph <1.41421 at gmail.com> wrote:
>>
>> I would like for my FreeRADIUS 3.0.20 server to match user names to be
>> authenticated in a case-insensitive way.

> You want it to match *all* names in a case insensitive way?

All user names that the FreeRADIUS receives for authentication. The
password should remain case-sensitive.

>> To that effect, I changed the
>> contents of /etc/raddb/mods-enabled/sradutmp as follows:
>>
>> radutmp sradutmp {
>>    filename = ${logdir}/sradutmp
>>    case_sensitive = "no"
>
> No... that changes the case insensitivity of the *radutmp* module.  The
comments in the module > make this clear.

OK, thanks.

>> When I launch the FreeRADIUS server with -sfXx in the resulting traces I
>> can see that the module above has been loaded, and that the
case_sensitive
>> attribute is indeed set to "no". However, the FreeRADIUS server remains
>> user name case-sensitive. What am I misunderstanding here?
>
> You're seeing the server run modules which *aren't* radump, and which
*don't* take any
> "case_sensitive" parameter.  I'm not sure why editing the "radutmp"
module would make the
> "files" or "pap" module be case insensitive.

OK.

>  In FreeRADIUS, user name lookups are generally done via databases.  If
you want the lookups >  to be case insensitive, then change the database
queries
>
>  So... which database are you using to look up user names / passwords?

I am just using the basic capabilities provided by FreeRADIUS - entries in
/etc/raddb/users. The user name and password information is retrieved from
that file.

I tried adding a policy for this in /etc/raddb/policy.d, but I couldn't get
that to work either.


More information about the Freeradius-Users mailing list