LDAP AD and SAMCompatibleName
Andrei Katsuk
steep8 at gmail.com
Wed Mar 20 02:33:29 UTC 2024
> So why not just look up "bob"?
>
> The "realm" module can look up suffixes "bob at example.com", and prefixes "REALM\bob". See mods-available/realm
>
What if the user enters the wrong REALM (for example we expect
EXAMPLE\bob but the user writes WRONG\bob ) ?
Will the user be authenticated in this case? I want to reject
authentication in this case.
Also rlm_ldap supports several ldap servers and it seems we can not
just compare all REALMs with known constants.
Thanks,
Andrei
More information about the Freeradius-Users
mailing list