Hello!
El Viernes, 18 de Marzo de 2005 19:42, Alan DeKok escribi�:
> David Manchado <[EMAIL PROTECTED]> wrote:
> > I want to force that the whole realm adsl.realm1 must be rewritten as
> > adsl.realm1.com so I won't have to add the same user as
> > [EMAIL PROTECTED] and [EMAIL PROTECTED]
>
> That's just re-writing the User-Name attribute, or adding a Realm
> attribute of the appropriate value.
>
>
> DEFAULT User-Name =~ "adsl\.realm1$", Realm := "adsl.realm1.com"
I supposed it might not be too difficult... the main problem was I did no know
where to apply the rewrite. Thanks a lot for your help Alan!
Here's is what I have had to config to make it work:
in radius.conf
...
modules {
...
attr_rewrite rewrite_realm {
attribute = User-Name
# may be "packet", "reply", "proxy", "proxy_reply" or "config"
searchin = packet
searchfor = "^(.*)@adsl\.realm1$"
replacewith = "[EMAIL PROTECTED]"
ignore_case = no
new_attribute = no
max_matches = 10
## If set to yes then the replace string will be appended to
the original string
append = no
}
...
authorize {
rewrite_realm
preprocess
...
preacct {
rewrite_realm
preprocess
...
If I put it into 'preprocess' it seems to skip in at startup so I loaded the
module before.
Module: Loaded preprocess
preprocess: huntgroups = "/etc/freeradius/huntgroups"
preprocess: hints = "/etc/freeradius/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
In order to perform accounting with the translated User-Name it's necessary to
load it in preacct and authorize sections.
Regards,
David
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
