Thanks for help :)
But it does not work :(
Here is my radiusd.conf
---
ldap {
server = "localhost"
identity = "uid=Admin,ou=Staff,dc=example,dc=com"
password = secret
basedn = "ou=People,dc=example,dc=com"
filter =
"(uid=%{Stripped-User-Name:-%{User-Name}},ou=%{Realm})"
.... Realm section is still untouched
#
# Using this entry, IPASS users have their realm set to "IPASS".
realm IPASS {
format = prefix
delimiter = "/"
ignore_default = no
ignore_null = no
}
#
realm suffix {
format = suffix
delimiter = "@"
ignore_default = no
ignore_null = no
}
# 'username%realm'
#
realm realmpercent {
format = suffix
delimiter = "%"
ignore_default = no
ignore_null = no
}
#
# 'domain\user'
#
realm ntdomain {
format = prefix
delimiter = "\\"
ignore_default = no
ignore_null = no
}
------------
Below is debug:
modcall: entering group authorize for request 0
rlm_realm: Looking up realm "example.com" for User-Name = "example.com"
rlm_realm: No such realm "example.com"
modcall[authorize]: module "suffix" returns noop for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "attr_filter" returns noop for request 0
rlm_realm: Looking up realm "example.com" for User-Name =
[EMAIL PROTECTED]
rlm_realm: No such realm "example.com"
modcall[authorize]: module "suffix" returns noop for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
modcall[authorize]: module "files" returns notfound for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for [EMAIL PROTECTED]
radius_xlat: '([EMAIL PROTECTED],ou=)'
radius_xlat: 'ou=People,dc=example,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to localhost:389, authentication 0
rlm_ldap: bind as uid=Admin,ou=Staff,dc=example,dc=com/secret to
localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in ou=People,dc=example,dc=com, with filter
([EMAIL PROTECTED],ou=)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns notfound for request 0
...
As you can see ou is empty.
----- Original Message -----
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; "FreeRadius users mailing list"
<[email protected]>
Sent: Thursday, September 22, 2005 9:34 PM
Subject: Re: Realm extraction
> "Dmitry Alekhin" <[EMAIL PROTECTED]> wrote:
> > I am new in free radius , so I have one question: How can I exctract
Realm attribute in
> > radiusd.conf name?
>
> Use the "Realm" attribute. The debug log will show you that the
> "realm" module is adding this attribute.
>
> Alan DeKok.
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
