[RADIATOR] Stripping realm in AuthBy LSA oject
Heikki Vatiainen
hvn at open.com.au
Mon Jan 16 09:29:08 CST 2012
On 01/16/2012 05:25 PM, Alex Sharaz wrote:
Hell Alex,
> I’ve got Radiator 4.9 running on a windoze server. Users need to
> authenticate with a UserName of the form user at scar.hull.ac.uk
> <mailto:user at scar.hull.ac.uk> against an Active Directory whose
> usernames do not include a realm.
>
> Is the following the correct way to strip out the realm from the
> UserName in order to authenticate against AD with just the “user”
> component of the UserName?
Try UsernameMatchesWithoutRealm instead of RewriteUsername. That should
work while keeping the original User-Name intact.
Heikki
> <Handler Realm=scar.hull.ac.uk>
>
> AuthBy lsaAuth
>
> Authlog logfile
>
> EAPType PEAP,TTLS, MSCHAP-V2 TLS
>
> EAPTLS ……
>
> Stripfromreply ……..
>
> Addtoreply ……..
>
> </Handler>
>
>
>
> Where lsaAuth is
>
>
>
> <AuthBY LSA>
>
> Identifier lsaAuth
>
> ReWriteUsername s/^([^@]+).*/$1/
>
> SSLeayTracve 4
>
> Domain SCAR
>
> DefaultDomain SCAR
>
> EAPType PEAP,TTLS, MSCHAP-V2,TLS
>
> …..
>
> </AuthBy>
>
>
>
> **************************************************************
> To view the terms under which this email is distributed
> please go to http://www2.hull.ac.uk/legal/disclaimer.aspx
> **************************************************************
>
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list