(RADIATOR) Why does this ReqriteUsername not work

Hugh Irvine hugh at open.com.au
Mon Dec 22 20:01:51 CST 2003


Hello Berndt -

What version of Radiator are you running?

There was a fix for RewriteUsername in the latest patches.

And could you please send me a more complete trace 4 debug showing the 
whole packet sequence?

regards

Hugh


On 22/12/2003, at 6:59 PM, Sevcik Berndt wrote:

> My Problem is the following. When I look at the debug output from 
> Radius
> the following is seen:
> Code:       Access-Request
> Identifier: 60
> Authentic:  Z<<0><0><242>><0><0>(<7><0><0><245><7><0><0>
> Attributes:
>         Message-Authenticator =
> vx^<127>;<244><11>;<197>k<19><150><254><196><253><168>
>         User-Name = "ACER-SEVCIK\sevcikb"
>         State = ""
>         NAS-IP-Address = 10.2.12.101
>         NAS-Port = 2
>         NAS-Port-Type = Wireless-IEEE-802-11
>         Calling-Station-Id = "00-04-23-77-4b-a3"
>         Framed-MTU = 1000
>         EAP-Message = <2><10><0>&<25><0><23><3><1><0><27>{
>
> He shows me the Username in the Form HOST\UserID.
>
> When I look at the LDAP Server he receives a query like:
> Dec 22 08:54:03 edu-pdc01 slapd[23258]: conn=36796 op=1 SRCH
> base="dc=tgm,dc=ac,dc=at" scope=2 filter="(uid=ACER-SEVCIKsevcikb)"
>
> The Form HostUserID
>
> Why is this so (fo this output I deactivated the reqrite Username)
>
> I think thats also the reasson why my RewriteUsername is not working
>
> Need urgent help.
>
> Berndt
>
> My config:
> Foreground
> LogStdout
> LogDir          .
> DbDir           .
>
> Trace           4
>
> <Client DEFAULT>
>         Secret  xxx
>         DupInterval 0
> </Client>
>
> <Handler TunnelledByPEAP=1>
>
>   # RewriteUsername s/^(.*)\\(.*)/$2/
>
>         <AuthBy LDAP2>server
>                 Host            10.2.4.21
>                 AuthDN          cn=admin, dc=tgm, dc=ac, dc=at
>                 AuthPassword    password
>                 BaseDN          dc=tgm, dc=ac, dc=at
>                 UsernameAttr    uid
>                 PasswordAttr    ntPassword
>                 Debug 255
>                 EAPType MSCHAP-V2
>         </AuthBy>
> </Handler>
>
> <Handler>
>         <AuthBy FILE>
>                 Filename %D/users
>                 EAPType PEAP
>                 EAPTLS_CAFile %D/certificates/demoCA/cacert.pem
>                 EAPTLS_CertificateFile %D/certificates/cert-srv.pem
>                 EAPTLS_CertificateType PEM
>                 EAPTLS_PrivateKeyFile %D/certificates/cert-srv.pem
>                 EAPTLS_PrivateKeyPassword whatever
>                 EAPTLS_MaxFragmentSize 1000
>                 AutoMPPEKeys
>                 SSLeayTrace 4
>         </AuthBy>
> </Handler>
> -- 
> Diese Message wurde erstellt mit freundlicher Unterstuetzung
> eines freilaufenden Pinguins aus artgerechter Freilandhaltung.
> Sie ist garantiert frei von Microsoftschen Viren.
>
> -----------------------------------------
> TGM - Die Schule der Technik
> IT-Service
> A-1200 Wien, Wexstr. 19-23
> Tel. +43(1)33126/316 Fax: +43(1)33126/154
> E-Mail: berndt.sevcik at tgm.ac.at
> -----------------------------------------
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list