I have more hints trouble on another radius server. I want to look for a
realm and strip it if it is there, else, send on the username untouched.
Using a config that Alan gave me a while back to do the opposite I
entered the below in my hints. Thought this would be easy but I am just
not getting something. I think the two values I have tried to use
(Stripped-User-Name and Strip-User-Name) are not yet set which is why
the username comes up blank. So, how to strip the realm from the
username and set User-Name to that?
I have this in my hints:
DEFAULT User-Name =~ ".*@", NAS-IP-Address == "69.39.33.242"
User-Name := "%{Stripped-User-Name}"
# also tried Strip-User-Name in place of Stripped-User-Name with same
#result
The parts of the radiusd -X I think are pertinent follow:
rad_recv: Access-Request packet from host 69.39.33.242:1812, id=177,
length=205
User-Name = "[EMAIL PROTECTED]"
--snip--
hints: Matched DEFAULT at 80 <-- this is the entry above from hints
radius_xlat: '' <-- Stripped-User-Name not set yet?
--snip--
rlm_realm: No '@' in User-Name = "", looking up realm NULL
--snip--
auth: Failed to validate the user.
Login incorrect: [/boilers1] (from client NAS0hpr1ABI port 14081)
^^-- so username is definately set to null
Here is the full radiusd -X for this user:
rad_recv: Access-Request packet from host 69.39.33.242:1812, id=177,
length=205
User-Name = "[EMAIL PROTECTED]"
User-Password = "passhere"
NAS-IP-Address = 69.39.33.242
NAS-Identifier = "69.39.33.242"
NAS-Port = 14081
Acct-Session-Id = "[EMAIL PROTECTED]"
USR-Interface-Index = 0
USR-Supports-Tags = 0
Service-Type = Login-User
USR-Chassis-Call-Slot = 56
USR-Chassis-Call-Span = 1
USR-Chassis-Call-Channel = 1
USR-Connect-Speed = NONE
NAS-Port-Type = Virtual
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
hints: Matched DEFAULT at 80
radius_xlat: ''
modcall[authorize]: module "preprocess" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
modcall[authorize]: module "mschap" returns noop for request 2
modcall[authorize]: module "digest" returns noop for request 2
rlm_realm: No '@' in User-Name = "", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 2
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 2
users: Matched DEFAULT at 151
users: Matched DEFAULT at 330
modcall[authorize]: module "files" returns ok for request 2
modcall: group authorize returns ok for request 2
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
modcall[authenticate]: module "unix" returns notfound for request 2
modcall: group authenticate returns notfound for request 2
auth: Failed to validate the user.
Login incorrect: [/boilers1] (from client NAS0hpr1ABI port 14081)
As always, help is greatly appreciated.
--
Lewis Bergman
Texas Communications
4309 Maple St.
Abilene, TX 79602-8044
Off. 325-691-1301
Cell 325-439-0533
fax 325-695-6841
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
