[RADIATOR] Simple Question Regarding Realm Handling
Heikki Vatiainen
hvn at open.com.au
Thu Feb 24 21:44:15 UTC 2022
On 23.2.2022 23.27, Ullfig, Roberto Alfredo wrote:
> Wed Feb 23 15:03:55 2022: DEBUG: Radius::AuthNTLM REJECT: AuthBy NTLM
> Password check failed: user [user at uic.edu]
> Wed Feb 23 15:03:55 2022: DEBUG: AuthBy NTLM result: REJECT, AuthBy NTLM
> Password check failed
>
> To AD it looks like a wrong password was entered. Why do the NTLM lines
> have "user [user at uic.edu]" - why not just user?

The format is 'value used for authenticating [original username]'. For
example, if the username is rewritten, or something else, such as the
Calling-Station-Id attribute value, is used to look up the user record,
that value gets logged first.

What follows between [] is the original User-Name as it was received.
The idea is to log information about what's currently used and what was
originally received as User-Name.

In your example, 'user' is passed to the NTLM subsystem as the
authentication username instead of 'user at uic.edu' that was the value
in the incoming request.

Thanks,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.
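
The log format described above ('value used for authenticating [original username]'), parsed in Python as an added example that is not part of the original message or of Radiator's code. The sample lines are constructed after the REJECT line quoted in the thread, and each log entry is assumed to sit on one unwrapped line.

```python
import re
from typing import List, NamedTuple, Optional

# Line shape taken from the REJECT line quoted in the thread (assumed unwrapped):
#   <time>: DEBUG: <module> REJECT: <reason>: <name used> [<original User-Name>]
REJECT_RE = re.compile(
    r"^(?P<ts>.+?): DEBUG: (?P<module>\S+) REJECT: "
    r"(?P<reason>.*): (?P<used>.*?) \[(?P<orig>[^\]]*)\]$"
)

class Reject(NamedTuple):
    timestamp: str
    module: str
    reason: str
    used: str      # value passed to the authentication backend
    original: str  # User-Name as received in the request
    change: str    # how 'used' relates to 'original'

def classify(used: str, original: str) -> str:
    if used == original:
        return "unchanged"
    local, sep, _realm = original.rpartition("@")
    if sep and used == local:
        return "realm-stripped"
    # Rewritten some other way, or another attribute was the lookup key.
    return "rewritten-or-other-key"

def parse_reject(line: str) -> Optional[Reject]:
    m = REJECT_RE.match(line.strip())
    if m is None:
        return None  # not a per-user REJECT line (e.g. the "result:" summary)
    used, orig = m["used"], m["orig"]
    return Reject(m["ts"], m["module"], m["reason"], used, orig, classify(used, orig))

def parse_log(text: str) -> List[Reject]:
    return [r for r in map(parse_reject, text.splitlines()) if r is not None]

# Constructed sample input (user names and realm are made up).
SAMPLE_LOG = """\
Wed Feb 23 15:03:55 2022: DEBUG: Radius::AuthNTLM REJECT: AuthBy NTLM Password check failed: alice [alice@example.org]
Wed Feb 23 15:03:55 2022: DEBUG: AuthBy NTLM result: REJECT, AuthBy NTLM Password check failed
Wed Feb 23 15:04:10 2022: DEBUG: Radius::AuthNTLM REJECT: AuthBy NTLM Password check failed: bob [bob]
Wed Feb 23 15:04:31 2022: DEBUG: Radius::AuthNTLM REJECT: AuthBy NTLM Password check failed: carol.smith [CAROL.SMITH@example.org]
"""

if __name__ == "__main__":
    for r in parse_log(SAMPLE_LOG):
        print(f"{r.timestamp}  backend saw {r.used!r}, client sent {r.original!r} ({r.change})")
```

The `used` field is the name to search for on the backend side (Active Directory in this thread), while `original` is the one to match against the client's request.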