(RADIATOR) passing Realm parameter

Kon Georgopoulos (Alphawest) Kon.Georgopoulos at optus.com.au
Mon Mar 19 01:44:06 CST 2007

Yes, the NAS had the issue. Resolved now thanks.


-----Original Message-----
From: Hugh Irvine [mailto:hugh at open.com.au] 
Sent: Monday, 19 March 2007 4:27 PM
To: Kon Georgopoulos (Alphawest)
Cc: radiator at open.com.au
Subject: Re: (RADIATOR) passing Realm parameter

Hello Kon -

When a NAS sends a username in a radius request, the convention is to  
use "fully-qualified" usernames of the form:

	kon at alphawest.com.au

the user is the string before the "@" symbol and the realm is the  
string after the "@".

In the example above, the user is "kon" and the realm is  

There are a number of special characters available in Radiator during  
packet processing, and these include "%w" which is the user string  
and "%W" which is the realm string - both before any RewiteUsername 
(s) has altered the username.

 From what you describe it sounds like your NAS is sending a strange  
username string, which you can either alter with one or more  
RewriteUsername(s), or you can change your NAS configuration.

hope that helps



On 19 Mar 2007, at 13:49, Kon Georgopoulos ((Alphawest)) wrote:

> Hi Hugh,
> A NAS we have has the ability to modify the radius request messages.
> In short I am not getting the realm parameter passed to the %W
> The username is getting to the %w okay.
> The current format getting passed to radius requests is
> I do notice that when I use a flat file method, the 'detail'  
> accounting
> log has the entry: User-Name="username(realm)[users]"
> Does this look right? I am trying to understand more about the %W
> variable and the expected format.
> Kon.
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.


Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
CATool: Private Certificate Authority for Unix and Unix-like systems.

Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list