Username not stripped in NPS
Cristian Di Livio
cristian.dilivio at salesianinordest.it
Mon Feb 26 13:38:52 UTC 2024
Hi all,
I would like to configure wi-fi authentication with 802.1x with multiple
realms and only one NPS (therefore only one active directory domain). For
example:
- AD domain -> domain.network
- realms that can be used -> domain; otherRealm
With PEAP traffic, NPS doesn't allow you to manipulate the realm so I can't
use find and replace in NPS configuration.
So I tried to send the stripped username from freeradius but the realm
still arrives in the NPS with realm and it giving me the error that the
domain does not exist.
Why the realm os sent even though I said to strip the username in the
proxy.conf file?
Is there alternatively the possibility to do a find and replace in
freeradius?
For the moment I'm using UPNs on the Windows server but it's a workaround
that I wanted to avoid and which takes away the elegance of the
authentication process.
Thank you in advance.
Cristian.
--
Cristian Di Livio
Servizi Informatici Ispettoria Salesiana San Marco
Via dei Salesiani, 15 - 30174 Mestre (VE)
tel.: 041.5498573
More information about the Freeradius-Users
mailing list