Thanks Dustin and Alan, this works!!!
-----Original Message-----
From: Dustin Doris [mailto:[EMAIL PROTECTED]
Sent: Thu 04/03/2004 18:04
To: [EMAIL PROTECTED]
Cc:
Subject: RE: Stripping domain names for LDAP filter
Give this a shot.
Open proxy.conf and put in
realm DEFAULT {
type = radius
authhost = LOCAL
accthost = LOCAL
}
Then restart radiusd.
-Dusty
On Thu, 4 Mar 2004, Teoh, Chee wrote:
> Hi,
>
> I have not modified the proxy.conf file at all. So, no default realm or
> bulldog realm.
>
> Chee.
>
> -----Original Message-----
> From: Dustin Doris [mailto:[EMAIL PROTECTED]
> Sent: 04 March 2004 17:18
> To: [EMAIL PROTECTED]
> Subject: Re: Stripping domain names for LDAP filter
>
> What's your proxy.conf file say? Do you have a default realm or the
> bulldog realm set?
>
>
> On Thu, 4 Mar 2004, Teoh, Chee wrote:
>
> > Hi All,
> >
> >
> >
> > I am having difficulties stripping domain name from RADIUS request
> > before sending it to LDAP. I have the following in the conf file:
> >
> >
> >
> > filter = "(uid=%{Stripped-User-Name})"
> >
> >
> >
> > However, this produces the following error:
> >
> >
> >
> > Thu Mar 4 16:56:47 2004 : Debug: Thread 1 handling request 0, (1
> > handled so far)
> >
> > User-Name = "[EMAIL PROTECTED]"
> >
> > User-Password = "c00kb00k"
> >
> > NAS-IP-Address = 255.255.255.255
> >
> > NAS-Port = 1
> >
> > Thu Mar 4 16:56:47 2004 : Debug: modcall: entering group authorize
> >
> > Thu Mar 4 16:56:47 2004 : Debug: modcall[authorize]: module
> > "preprocess" returns ok
> >
> > Thu Mar 4 16:56:47 2004 : Debug: rlm_chap: Could not find proper
> > Chap-Password attribute in request
> >
> > Thu Mar 4 16:56:47 2004 : Debug: modcall[authorize]: module "chap"
> > returns noop
> >
> > Thu Mar 4 16:56:47 2004 : Debug: modcall[authorize]: module
> "mschap"
> > returns notfound
> >
> > Thu Mar 4 16:56:47 2004 : Debug: rlm_realm: Looking up realm
> > bulldogdsl.com for User-Name = "[EMAIL PROTECTED]"
> >
> > Thu Mar 4 16:56:47 2004 : Debug: rlm_realm: No such realm
> > bulldogdsl.com
> >
> > Thu Mar 4 16:56:47 2004 : Debug: modcall[authorize]: module
> "suffix"
> > returns noop
> >
> > Thu Mar 4 16:56:47 2004 : Debug: modcall[authorize]: module "files"
> > returns notfound
> >
> > Thu Mar 4 16:56:47 2004 : Debug: rlm_ldap: - authorize
> >
> > Thu Mar 4 16:56:47 2004 : Debug: rlm_ldap: performing user
> > authorization for [EMAIL PROTECTED]
> >
> > Thu Mar 4 16:56:47 2004 : Debug: radius_xlat: '(uid=)'
> >
> > Thu Mar 4 16:56:47 2004 : Debug: radius_xlat:
> > 'ou=customers,o=bddsl.com'
> >
> > Thu Mar 4 16:56:47 2004 : Debug: ldap_get_conn: Got Id: 0
> >
> > Thu Mar 4 16:56:47 2004 : Debug: rlm_ldap: attempting LDAP
> reconnection
> >
> > Thu Mar 4 16:56:47 2004 : Debug: rlm_ldap: (re)connect to
> > test.bulldogdsl.com:389, authentication 0
> >
> > Thu Mar 4 16:56:47 2004 : Debug: rlm_ldap: bind as
> > cn=root,o=bddsl.com/1234 to test.bulldogdsl.com:389
> >
> > Thu Mar 4 16:56:47 2004 : Debug: rlm_ldap: waiting for bind result
> ...
> >
> > Thu Mar 4 16:56:47 2004 : Debug: rlm_ldap: performing search in
> > ou=customers,o=bddsl.com, with filter (uid=)
> >
> > Thu Mar 4 16:56:47 2004 : Debug: rlm_ldap: object not found or got
> > ambiguous search result
> >
> > Thu Mar 4 16:56:47 2004 : Debug: rlm_ldap: search failed
> >
> > Thu Mar 4 16:56:47 2004 : Debug: ldap_release_conn: Release Id: 0
> >
> > Thu Mar 4 16:56:47 2004 : Debug: modcall[authorize]: module "ldap"
> > returns notfound
> >
> >
> >
> > It seems that the run-time variable does not work. I have also tried
> %U
> > which failed also.
> >
> >
> >
> > Any help would be appreciated.
> >
> >
> >
> > Regards,
> >
> > -------------
> >
> > Chee Beng Teoh
> >
> > Network Engineer
> >
> >
> >
> >
> >
> >
> ************************************************************************
> >
> > Registered in England, number 4005262, c/o Hogan and Hartson
> >
> > LLP, One Angel Court, LONDON, EC2R 7HJ United Kingdom
> >
> >
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
>
> ************************************************************************
>
> Registered in England, number 4005262, c/o Hogan and Hartson
>
> LLP, One Angel Court, LONDON, EC2R 7HJ United Kingdom
>
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
************************************************************************
Registered in England, number 4005262, c/o Hogan and Hartson
LLP, One Angel Court, LONDON, EC2R 7HJ United Kingdom
<<winmail.dat>>
