(RADIATOR) RewriteUsername and logging
Hugh Irvine
hugh at open.com.au
Sat Sep 28 19:04:32 CDT 2002
Hello Jeremy -
Depending on the rest of your configuration file, you could use
Handlers like this:
# define Handlers
<Handler Request-Type = Accounting-Request>
# do accounting
RewriteUsername .....
<AuthBy INTERNAL>
AcctResult ACCEPT
</AuthBy>
AcctLogFileName ...
</Handler>
<Handler>
# do authentication
<AuthBy LDAP2>
....
</AuthBy>
</Handler>
regards
Hugh
On Sunday, September 29, 2002, at 05:26 AM, Jeremy Hinton wrote:
> Greetings all,
>
> I'm having a bit of a puzzle i cant seem to figure out. I am using an
> AuthBy LDAP2 clause to auth with an LDAP server. The LDAP
> schema is built as uid=<username>,cn=<realm>. Since most of my users
> log in w/out specifying a realm, i have a DefaultRealm specified in my
> Client clause. This works no problem. However, my billing system,
> which reads the Accounting logs, doesn't like seeing the realm tagged
> on the end of the username, and needs it to be stripped off. If i put
> a RewriteUsername in my Handler, it strips the realm off before the
> AuthBy LDAP2 occurs, and breaks it. I suppose i could run 2 separate
> servers, one for auth and another for accounting, with the accounting
> one stripping the realm, but that seems like a bit of overkill. Or, i
> could put the rewrite in an AuthBy GROUP clause just for the
> accounting part, but i'd need an AuthBy module that did normal radius
> accounting (and disable accounting in the realm/hanlder), and i
> haven't found one that does. Any suggestions?
>
> - jeremy
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list