I'm using freeradius 2.1.4, hand compiled, and running on Solaris
10, in a zone.
I've already got my server authorizing off of ldap and
authenticating off of kerberos. What I would like to do is something
slightly trickier. I would like to authorize off ldap and then
authenticate off of kerberos, but using a different username.
Optimally, this would happen by storing the alternate username in ldap,
and then setting the username that will be used to authenticate against
kerberos to this entry. I don't know if I would have to try to change
the User-Name field (which I haven't had luck doing via the users file),
or if there is some way to tell rlm_krb5 "hey, user this username
instead". Worst case, I could create a mapping somewhere in a text file
if needed, but storing the "other" username in ldap would be optimal.
thanks,
Bryan Graham
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
