> My advice would be to define a local, internal-only attribute in
> /etc/raddb/dictionary:
>
> ATTRIBUTE My-NT-Domain 3003 string
>
> ...and set this in your regexps:
>
> if (User-Name =~ /host[/].+[.]domain.com/) {
> update request {
> My-NT-Domain = "DOMAIN.COM"
> }
> }
> elsif (...) {
> }
>
> ...then in your ntlm_auth helper, do:
>
> ntlm_auth = "... --domain=%{My-NT-Domain:-DEFAULTVALUE} ..."
>
That is brilliant! We are going to deploy a second domain this summer, I was
wondering exactly how I would make our FR server work with both. I am
definitely going to give this a try!
Jake Sallee
Network Engineer
University of Mary Hardin-Baylor
Fone: 254-295-4658
Phax: 254-295-4221
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
