Re: Stripping domain names for LDAP filter

Thu, 04 Mar 2004 09:18:22 -0800 

What's your proxy.conf file say?  Do you have a default realm or the
bulldog realm set?


On Thu, 4 Mar 2004, Teoh, Chee wrote:

> Hi All,
>
>
>
> I am having difficulties stripping domain name from RADIUS request
> before sending it to LDAP.  I have the following in the conf file:
>
>
>
> filter = "(uid=%{Stripped-User-Name})"
>
>
>
> However, this produces the following error:
>
>
>
> Thu Mar  4 16:56:47 2004 : Debug: Thread 1 handling request 0, (1
> handled so far)
>
>         User-Name = "[EMAIL PROTECTED]"
>
>         User-Password = "c00kb00k"
>
>         NAS-IP-Address = 255.255.255.255
>
>         NAS-Port = 1
>
> Thu Mar  4 16:56:47 2004 : Debug: modcall: entering group authorize
>
> Thu Mar  4 16:56:47 2004 : Debug:   modcall[authorize]: module
> "preprocess" returns ok
>
> Thu Mar  4 16:56:47 2004 : Debug: rlm_chap: Could not find proper
> Chap-Password attribute in request
>
> Thu Mar  4 16:56:47 2004 : Debug:   modcall[authorize]: module "chap"
> returns noop
>
> Thu Mar  4 16:56:47 2004 : Debug:   modcall[authorize]: module "mschap"
> returns notfound
>
> Thu Mar  4 16:56:47 2004 : Debug:     rlm_realm: Looking up realm
> bulldogdsl.com for User-Name = "[EMAIL PROTECTED]"
>
> Thu Mar  4 16:56:47 2004 : Debug:     rlm_realm: No such realm
> bulldogdsl.com
>
> Thu Mar  4 16:56:47 2004 : Debug:   modcall[authorize]: module "suffix"
> returns noop
>
> Thu Mar  4 16:56:47 2004 : Debug:   modcall[authorize]: module "files"
> returns notfound
>
> Thu Mar  4 16:56:47 2004 : Debug: rlm_ldap: - authorize
>
> Thu Mar  4 16:56:47 2004 : Debug: rlm_ldap: performing user
> authorization for [EMAIL PROTECTED]
>
> Thu Mar  4 16:56:47 2004 : Debug: radius_xlat:  '(uid=)'
>
> Thu Mar  4 16:56:47 2004 : Debug: radius_xlat:
> 'ou=customers,o=bddsl.com'
>
> Thu Mar  4 16:56:47 2004 : Debug: ldap_get_conn: Got Id: 0
>
> Thu Mar  4 16:56:47 2004 : Debug: rlm_ldap: attempting LDAP reconnection
>
> Thu Mar  4 16:56:47 2004 : Debug: rlm_ldap: (re)connect to
> test.bulldogdsl.com:389, authentication 0
>
> Thu Mar  4 16:56:47 2004 : Debug: rlm_ldap: bind as
> cn=root,o=bddsl.com/1234 to test.bulldogdsl.com:389
>
> Thu Mar  4 16:56:47 2004 : Debug: rlm_ldap: waiting for bind result ...
>
> Thu Mar  4 16:56:47 2004 : Debug: rlm_ldap: performing search in
> ou=customers,o=bddsl.com, with filter (uid=)
>
> Thu Mar  4 16:56:47 2004 : Debug: rlm_ldap: object not found or got
> ambiguous search result
>
> Thu Mar  4 16:56:47 2004 : Debug: rlm_ldap: search failed
>
> Thu Mar  4 16:56:47 2004 : Debug: ldap_release_conn: Release Id: 0
>
> Thu Mar  4 16:56:47 2004 : Debug:   modcall[authorize]: module "ldap"
> returns notfound
>
>
>
> It seems that the run-time variable does not work.  I have also tried %U
> which failed also.
>
>
>
> Any help would be appreciated.
>
>
>
> Regards,
>
> -------------
>
> Chee Beng Teoh
>
> Network Engineer
>
>
>
>
>
> ************************************************************************
>
> Registered in England, number 4005262, c/o Hogan and Hartson
>
> LLP, One Angel Court, LONDON, EC2R 7HJ United Kingdom
>
>

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to