At 12:53 AM 1/5/2002 -0500, Steven J. Sobol wrote:
>My NNTP provider and dialup provider proxy requests for [EMAIL PROTECTED]
>to my FreeRadius server, which is not stripping the realm. For some very
>strange reason, for those people who are in /etc/passwd, they can
>authenticate anyhow. But I'm migrating over to LDAP, and looking for
>[EMAIL PROTECTED],ou=Users,dc=jtnllc,dc=com won't work - the DN of a
>dialup user is uid=user,ou=Users,dc=jtnllc,dc=com (without the suffix).
>
>I need to have the suffix stripped.
>
>I listed justthe.net as a LOCAL realm in /usr/local/etc/raddb/realms,
>but what else do I have to do to get this to work?
Hmmm. I'm not an LDAP guru, but LDAP may need something like the SQL
module which has a 'Stripped-User-Name'.
Also, you can try changing the
filter = "(uid=%u)"
entry in the config. Not sure exactly what this does, but it appears that
you could replace %u with %U.
The various % definitions can be found in 'doc/rlm_detail'. %u is User-Name,
and %U is Stripped-User-Name.
-Chris
--
\\\|||/// \ Chris Parker - Manager, Development Engineering
\ ~ ~ / \ WX *is* Wireless! \ [EMAIL PROTECTED]
| @ @ | \ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
\ Without C we would have 'obol', 'basi', and 'pasal'
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
