(RADIATOR) Username missing from AuthLog using TACACS
Steve Rogers
steve.rogers at fjserv.net
Wed Dec 3 05:41:12 CST 2003
Hi,
We are using TACACS with AuthLog FILE and logging the username from
Access-Requests. Our config file excerpts are below. The problem is that
using %u we never see the username logged from the User-Name attribute
in the radius Access Request. Changing the %u to %{User-Name} works with
no problems.
Config file:
<AuthLog FILE>
Identifier AuthLogger
Filename %L/%Y%m%d-auth.log
SuccessFormat %l:%c:%u:OK
FailureFormat %l:%c:%u:FAIL
LogSuccess 1
LogFailure 1
</AuthLog>
<ServerTACACSPLUS>
Key
AddToRequest NAS-Identifier=TACACS
</ServerTACACSPLUS>
<Realm DEFAULT>
AuthLog AuthLogger
<AuthBy FILE>
Filename tacacs.users
</AuthBy>
AcctLogFileName %L/%Y%m%d-acct.log
</Realm>
Authlog result:
Tue Dec 2 16:05:25 2003:192.168.x.x.::OK
After changing the AuthLog format to use %{User-Name} the logfile looks
like:
Wed Dec 3 10:06:21 2003:192.168.x.x:justin:OK
Using radiator 3.7.1 with latest patches.
Thanks
Steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20031203/5de6c72a/attachment.html>
More information about the radiator
mailing list