[RADIATOR] User-Name is empty in reply
Heikki Vatiainen
hvn at open.com.au
Thu Sep 15 05:45:34 CDT 2011
On 09/15/2011 01:21 PM, Markus Ludwig Grandpre wrote:
Hello Markus,
> when performing inner authentication User-Name attribute value is always
> empty in reply:
Try %x or %X for EAP Identity instead. There may not be a User-Name
RADIUS attribute in the EAP inner authentication, so your option is to
try the EAP Identity.
Actually EAPAnonymous setting does affect things here, but %x or %X may
still be better options to use.
> Code: Access-Accept
> Identifier: 14
> Authentic: <212>[#<152><3><140><169><207>;U;<217>gM<190><8>
> Attributes:
> User-Name = ""
> EAP-Message = <3><7><0><4>
> ...
>
> Format of incomming username and suggested User-Name format in reply is:
>
> x.y at realm
>
> AuthBy definition is:
>
> <AuthBy LDAP2>
> ...
> UsernameAttr cn
> UsernameMatchesWithoutRealm
> ...
> AddToReply User-Name=%U
> EAPType MSCHAP-V2
> ...
> </AuthBy>
>
>
> Can you please explain to me why %U (also %u and %n) is empty.
> Markus
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list