(RADIATOR) Username in EAP requests
Peter Bates
Peter.Bates at lshtm.ac.uk
Tue Oct 24 10:20:05 CDT 2006
Hello all...
I suspect I'm logging the wrong username with our current
PEAP setup, as I'm occasionally seeing 'anonymous at myabc.com'
which is distinctly not a user in our backend directory (eDirectory).
'AuthBy TestUP' is the identifier for an AuthBy LDAP2 group
which authenticates against eDirectory using LDAP.
<Handler TunnelledByPEAP=1>
AuthBy TestUP
RejectHasReason
</Handler>
<Handler Client-Identifier=xxx>
<AuthBy FILE>
Filename %D/users.anonymous
EAPType ... etc. .etc.
</AuthBy>
AuthLog authlog
RejectHasReason
</Handler>
'authlog' is an identifier for an AuthLog FILE group:
<AuthLog FILE>
Identifier authlog
Filename %L/auth
LogSuccess 1
LogFailure 1
SuccessFormat %l client=%C clientip=%c nasip=%N \
user=%n pass=(password) result=OK
FailureFormat %l client=%C clientip=%c nasip=%N \
user=%n pass=(password) result=FAIL
</AuthLog>
I guess I should have the logging in the inner (TunnelledByPEAP)
request
but be logging something other than %n for the username?
Thanks.
--
--------------------------------------------------------------------------------------------------->
Peter Bates, Systems Support Officer, IT Services.
London School of Hygiene & Tropical Medicine.
Telephone:0207-958 8353 / Fax: 0207- 636 9838
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list