(RADIATOR) passing Realm parameter

Hugh Irvine hugh at open.com.au
Sun Mar 18 23:27:24 CST 2007


Hello Kon -

When a NAS sends a username in a radius request, the convention is to  
use "fully-qualified" usernames of the form:

	kon at alphawest.com.au

the user is the string before the "@" symbol and the realm is the  
string after the "@".

In the example above, the user is "kon" and the realm is  
"alphawest.com.au".

There are a number of special characters available in Radiator during  
packet processing, and these include "%w" which is the user string  
and "%W" which is the realm string - both before any RewiteUsername 
(s) has altered the username.

 From what you describe it sounds like your NAS is sending a strange  
username string, which you can either alter with one or more  
RewriteUsername(s), or you can change your NAS configuration.

hope that helps

regards

Hugh


On 19 Mar 2007, at 13:49, Kon Georgopoulos ((Alphawest)) wrote:

> Hi Hugh,
>
> A NAS we have has the ability to modify the radius request messages.
> In short I am not getting the realm parameter passed to the %W
> The username is getting to the %w okay.
>
> The current format getting passed to radius requests is
> <USERNAME>(<REALM>)
> I do notice that when I use a flat file method, the 'detail'  
> accounting
> log has the entry: User-Name="username(realm)[users]"
>
> Does this look right? I am trying to understand more about the %W
> variable and the expected format.
>
> Kon.
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list