Dow, Corey wrote:
> I'm trying to setup an XP supplicant that authenticates through my NAS to an
> OpenLDAP server. The problem is that the native authentication provided by MS
> shows the user as MYDOMAIN\\user or MYPC\\user. As a result, the LDAP
> searches fail to find this user.
>
> The radiusd.conf file shows with_nt_domain_hack as a way to strip this. I
> tried this and it works for MD5 but not for PEAP. With PEAP, there is a
> notification that the eap identity doesn't match.
You can also try replacing the %{User-Name} text in the LDAP query
with %{mschap:User-Name}. The MS-CHAP module will return the correct
user name, *without* affecting anything else.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
