[RADIATOR] changing from auth by file to auth by pam

Richard Dunne richard.dunne at dit.ie
Fri Aug 19 05:05:05 CDT 2011 

Hello all 

 

Im having a problem moving from Auth by FILE to PAM 

 

The handler is <Handler TunnelledByPEAP=1, Realm=linux.com>

        <AuthBy FILE>

                Filename %D/users

                #Service passwd

                UsernameMatchesWithoutRealm

                AddToReply Extreme-Netlogin-Vlan = cccc

                EAPType MSCHAP-V2

        </AuthBy>

</Handler>

 

Works perfect and  give the following, rewrites the username to pat. Which
is perfect 

 

Fri Aug 19 11:13:31 2011: DEBUG: Handling request with Handler
'TunnelledByPEAP=1, Realm=linux.com'

Fri Aug 19 11:13:31 2011: DEBUG:  Deleting session for pat at linux.com,
172.30.3.251, 

Fri Aug 19 11:13:31 2011: DEBUG: Handling with Radius::AuthFILE: 

Fri Aug 19 11:13:31 2011: DEBUG: Handling with EAP: code 2, 233, 68, 26

Fri Aug 19 11:13:31 2011: DEBUG: Response type 26

Fri Aug 19 11:13:31 2011: DEBUG: Reading users file ./users

Fri Aug 19 11:13:31 2011: DEBUG: Radius::AuthFILE looks for match with pat
[pat at linux.com]

Fri Aug 19 11:13:31 2011: DEBUG: Radius::AuthFILE REJECT: No such user: pat
[pat at linux.com]

Fri Aug 19 11:13:31 2011: DEBUG: EAP result: 1, EAP MSCHAP V2 failed: no
such user pat

Fri Aug 19 11:13:31 2011: DEBUG: AuthBy FILE result: REJECT, EAP MSCHAP V2
failed: no such user pat

Fri Aug 19 11:13:31 2011: INFO: Access rejected for pat at linux.com: EAP
MSCHAP V2 failed: no such user pat

Fri Aug 19 11:13:31 2011: DEBUG: Returned PEAP tunnelled packet dump:

 

 

 

When I change it to auth by PAM

 

Handler becomes 

The handler is <Handler TunnelledByPEAP=1, Realm=linux.com>

        <AuthBy PAM>

                Service passwd

                UsernameMatchesWithoutRealm

                AddToReply Extreme-Netlogin-Vlan = cccccccccccccc

                EAPType MSCHAP-V2

        </AuthBy>

</Handler>

 

I get an error which is using the full username pat at linux.com. I need the
@linux.conm removed 

Fri Aug 19 11:25:21 2011: DEBUG: Handling request with Handler
'TunnelledByPEAP=1, Realm=linux.com'

Fri Aug 19 11:25:21 2011: DEBUG:  Deleting session for pat at linux.com,
172.30.3.251, 

Fri Aug 19 11:25:21 2011: DEBUG: Handling with PAM service login

Fri Aug 19 11:25:21 2011: DEBUG: PAM is asking for 1: 'Password'

Fri Aug 19 11:25:23 2011: DEBUG: AuthBy PAM result: REJECT, User not known
to the underlying authentication module: 

Fri Aug 19 11:25:23 2011: INFO: Access rejected for pat at linux.com: User not
known to the underlying authentication module: 

Fri Aug 19 11:25:23 2011: DEBUG: Returned PEAP tunnelled packet dump:

 

 

IM using the UsernameMatchesWithoutRealm and some regexp rewrite , but the
damn @linux won't go away .

 

 

 

Any ideas ?

 

Regards  Richard 

 

 

 


This message has been scanned for content and viruses by the DIT Information Services E-Mail Scanning Service, and is believed to be clean. http://www.dit.ie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20110819/1e13377b/attachment-0001.html

More information about the radiator mailing list