(RADIATOR) Why does this RewriteUsername not work
Hugh Irvine
hugh at open.com.au
Mon Dec 22 20:01:51 CST 2003
Hello Berndt -
What version of Radiator are you running?
There was a fix for RewriteUsername in the latest patches.
And could you please send me a more complete trace 4 debug showing the
whole packet sequence?
regards
Hugh
On 22/12/2003, at 6:59 PM, Sevcik Berndt wrote:
> My problem is the following. When I look at the debug output from
> Radius the following is seen:
> Code: Access-Request
> Identifier: 60
> Authentic: Z<<0><0><242>><0><0>(<7><0><0><245><7><0><0>
> Attributes:
> Message-Authenticator =
> vx^<127>;<244><11>;<197>k<19><150><254><196><253><168>
> User-Name = "ACER-SEVCIK\sevcikb"
> State = ""
> NAS-IP-Address = 10.2.12.101
> NAS-Port = 2
> NAS-Port-Type = Wireless-IEEE-802-11
> Calling-Station-Id = "00-04-23-77-4b-a3"
> Framed-MTU = 1000
> EAP-Message = <2><10><0>&<25><0><23><3><1><0><27>{
>
> He shows me the Username in the Form HOST\UserID.
>
> When I look at the LDAP Server he receives a query like:
> Dec 22 08:54:03 edu-pdc01 slapd[23258]: conn=36796 op=1 SRCH
> base="dc=tgm,dc=ac,dc=at" scope=2 filter="(uid=ACER-SEVCIKsevcikb)"
>
> The Form HostUserID
>
> Why is this so (for this output I deactivated the RewriteUsername)
>
> I think that's also the reason why my RewriteUsername is not working
>
> Need urgent help.
>
> Berndt
>
> My config:
> Foreground
> LogStdout
> LogDir .
> DbDir .
>
> Trace 4
>
> <Client DEFAULT>
> Secret xxx
> DupInterval 0
> </Client>
>
> <Handler TunnelledByPEAP=1>
>
> # RewriteUsername s/^(.*)\\(.*)/$2/
>
> <AuthBy LDAP2>server
> Host 10.2.4.21
> AuthDN cn=admin, dc=tgm, dc=ac, dc=at
> AuthPassword password
> BaseDN dc=tgm, dc=ac, dc=at
> UsernameAttr uid
> PasswordAttr ntPassword
> Debug 255
> EAPType MSCHAP-V2
> </AuthBy>
> </Handler>
>
> <Handler>
> <AuthBy FILE>
> Filename %D/users
> EAPType PEAP
> EAPTLS_CAFile %D/certificates/demoCA/cacert.pem
> EAPTLS_CertificateFile %D/certificates/cert-srv.pem
> EAPTLS_CertificateType PEM
> EAPTLS_PrivateKeyFile %D/certificates/cert-srv.pem
> EAPTLS_PrivateKeyPassword whatever
> EAPTLS_MaxFragmentSize 1000
> AutoMPPEKeys
> SSLeayTrace 4
> </AuthBy>
> </Handler>
> --
> This message was created with the kind support
> of a free-range penguin raised in species-appropriate outdoor conditions.
> It is guaranteed free of Microsoft viruses.
>
> -----------------------------------------
> TGM - Die Schule der Technik
> IT-Service
> A-1200 Wien, Wexstr. 19-23
> Tel. +43(1)33126/316 Fax: +43(1)33126/154
> E-Mail: berndt.sevcik at tgm.ac.at
> -----------------------------------------
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
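
Added example, not part of the original messages and not Radiator's own code: a Python rendering of the Perl substitution from the commented-out RewriteUsername line, applied to the User-Name in the trace, followed by RFC 4515 escaping of the value before it is placed in a (uid=...) filter. The function names and the last sample input are constructed; how Radiator itself builds the filter is not shown in this thread.

```python
import re

# Python rendering of the Perl substitution s/^(.*)\\(.*)/$2/ from the config.
# The first group is greedy, so everything up to the LAST backslash is dropped.
REWRITE = re.compile(r"^(.*)\\(.*)")


def rewrite_username(user_name: str) -> str:
    """Strip a HOST\\ or DOMAIN\\ prefix; names without a backslash pass through."""
    return REWRITE.sub(r"\2", user_name, count=1)


def escape_filter_value(value: str) -> str:
    """Escape a value for an LDAP search filter as RFC 4515 requires.

    Backslash, '*', '(', ')' and NUL become a backslash plus two hex digits.
    """
    out = []
    for ch in value:
        if ch in "\\*()\x00":
            out.append("\\%02x" % ord(ch))
        else:
            out.append(ch)
    return "".join(out)


def uid_filter(user_name: str, rewrite: bool) -> str:
    """Build the (uid=...) filter, optionally applying the rewrite first."""
    name = rewrite_username(user_name) if rewrite else user_name
    return "(uid=%s)" % escape_filter_value(name)


if __name__ == "__main__":
    from_trace = "ACER-SEVCIK\\sevcikb"      # User-Name shown in the trace
    constructed = "LAB\\j*smith(x)"          # constructed input with filter metacharacters
    for name in (from_trace, constructed):
        print("%-24s rewrite on : %s" % (name, uid_filter(name, rewrite=True)))
        print("%-24s rewrite off: %s" % (name, uid_filter(name, rewrite=False)))
```

With the rewrite applied, the User-Name from the trace yields (uid=sevcikb); without it, a correctly escaped filter carries the backslash as \5c rather than dropping it.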