Hello Denis, Do you mind sharing both sites-enabled/packetfence and sites-enabled/packetfence-tunnel ?
> So, where do I need to rewrite User-Name for passing it to PacketFence, > in radius conf files ? in packetfence.pm ? That kind of stuff should be done in sites-enabled/* since FreeRADIUS already have all the modules to do that. Thanks Cheers! dw. — Derek Wuelfrath [email protected] :: www.inverse.ca +1.514.447.4918 (x110) :: +1.866.353.6153 (x110) Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) On Oct 10, 2014, at 9:42, denis bonnenfant <[email protected]> wrote: > Hi, > > I'm trying to setup host-based 802.1x authentification for windows hosts > against an old-style samba3/openldap domain ( /*NOT*/ AD ). > > Basically, computer identify itself with User-Name = host/COMPUTERNAME, > while ldap needs > uid = computerame$ > > With > > if (User-Name =~ /host\/(.*)/i) { > update request { > Stripped-User-Name = "%{1}$"; > } > } > > added in authorize group in packetfence-tunnel, Radius 802.1x auth is > working. But unstripped User-Name is passed to packetfence, preventing > it to match ldap user rules. > > I tried to define User-Name the same way in many other places in > packetfence or packetfence-tunnel, without success. > > So, where do I need to rewrite User-Name for passing it to PacketFence, > in radius conf files ? in packetfence.pm ? > > Thanks > > Denis Bonnenfant > > ------------------------------------------------------------------------------ > Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer > Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports > Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper > Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer > http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
