Perfect, works wonderfully. Thanks for the pointer. The winning statement
was...
DEFAULT User-Name =~ "^([...@]+)([...@])([...@]+)"
User-Name := "%{1}+%{3}"
This will transform "stri...@stringb" to "string1+stringb"
Thank you
Larry
>Currently my institution allows for registered users to create guest accounts
>for visitors to enable wireless access for the guest users (Wireless access is
>controlled via Captive Portal/PAP with a Kerberos Directory backend)..
>Registered users create the guest accounts using the guest users eMail
>address, such as [email protected] [email protected] etc etc etc. This poses a
>slight problem though as the "@" sign is a reserved character for Kerberos and
>thus principles with the "@" cannot be created within our KDC. To solve this
>problem the account generation application substitutes the "@" for a "+" (so
>kerberos principles are created in the form jdoe+gmail.com jdoe+hotmail.com).
>If guest users remember to sub a "+" for their "@" all is well, however often
>times people forget this and get stuck wondering why their username
>[email protected] is failing when they have been assured all is well.
>To completely eradicate this situation we would like to place a Freeradius
>instance in place of our proprietary radius solution and have it perform the
>substitution during authentication, so neither the Guest or registered user
>need concern themselves with the whole "@" "+" thing (so from their standpoint
>the principle is [email protected] nice and easy... for them ;)
>I have been trying to determine the best way to accomplish this and would
>greatly appreciate any ideas as to how this may be completed.
Use regex to rewrite usernames with @ in them. You have some examples on
the wiki:
http://wiki.freeradius.org/Adding%2C_Removing%2C_Modifying_Attributes_for_further_processing
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
