Hi,
> We pass hostname$ to ntlm_auth by rewriting the User-Name attribute as
> follows:
>
>
>
> attr_rewrite machine_UserName {
>
> attribute = User-Name
>
> searchin = packet
>
> searchfor = "^host/(.*).domain.name"
>
> replacewith = "%{1}$"
>
> ignore_case = yes
>
> new_attribute = no
>
> max_matches = 1
>
> append = no
>
> }
>
>
>
> To change from host/hostname.domain.name to hostname$. Then, include
> machine_UserName in the authorize and authenticate sections before
> mschap.
why? with recent versions of FreeRADIUS this just works(tm) with no rewriting
needed
- just ensure that the ntlm_auth line has the correct arguments and
you have the ntdomain stuff turned on .
we used to have all kinds of hacky stuff in our config...almost all
of it is now wiped away with a small spattering of unlang here
and there for utility
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
