Christoph Litauer <[EMAIL PROTECTED]> wrote:
Please read "proxy.conf".
Well, reading proxy.conf I found the following section:
...
<sigh> The whole purpose of "proxy.conf" is to define realms. There are examples in it of doing exactly what you want. If you're only going to read PART of "proxy.conf", then it would appear you're not prepared to solve your problem.
DEFAULT EAP-Type == PEAP, Proxy-To-Realm := LOCAL
Don't set Proxy-To-Realm. You don't need to.
READ "proxy.conf". ALL OF IT.
Hint: look for "bla.com".
I don't thinks that "LAPLITAUER\litauer" is a LOCAL realm, is it?
You said that you wanted the server to handle requests containing the realm "LAPLITAUER". Since you're not proxying it, that makes it a local realm.
Seems as if I am a little bit dull-witted ... I still can't get it working. And yes, I read lots of manuals, docs, comments in configuration files, etc. Sorry for asking again.
I tried several possibilities to ignore the domain-part of the username. (realm, hints). This stripped username is added to the user list. But every time it should be authenticated, radius complains:
rlm_eap: Identity does not match User-Name, setting from EAP Identity.
... which is correct because e.g. litauer doesn't match ANYDOMAIN\litauer.
Now I wonder if my intended configuration is feasible at all. Alan said "yes", so I still believe it is ...
I googled for the error message and found a discussion in this mailing list about just my problem, but no solution was given (http://www.mail-archive.com/[EMAIL PROTECTED]/msg01274.html).
Any tips are greatly appreciated ...
-- Regards Christoph ________________________________________________________________________ Christoph Litauer [EMAIL PROTECTED] Uni Koblenz, Rechenzentrum, http://www.uni-koblenz.de/~litauer Postfach 201602, 56016 Koblenz Fon: +49 261 287-1311, Fax: -100 1311 PGP-Key: http://www.uni-koblenz.de/~litauer/public-key.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
