Hello Brad -
Yes, you can use multiple RewriteUsernames to do whaterer is required. regards Hugh On Wed, 30 Jan 2002 16:54, [EMAIL PROTECTED] wrote: > Hello Mr Radiator, > > A further question, if I may ... :-) > > Given the response below, what if I want the best of both worlds ? > > We have an NT4 domain that requires the traditional MS form of > domain\username, but the 2000 domain is fine for [EMAIL PROTECTED] > > Will Radiator be able to handle this in the multi-realm config noted in the > original response below ? > > Regards, > > Brad Cook > Senior Network Engineer > Tourism Queensland > Level 10 Tourism Qld House > 30 Makerston St > Brisbane, Australia�� 4000 > > Ph:���� +61 7 3535 5504 > Fax:��� +61 7 3535 5246 > mailto:[EMAIL PROTECTED] > web : http://www.tq.com.au > > >> Hello, > >> > >> I'm in the process of setting up my eval copy of Radiator 2.19 to > >> authenticate users dialing into my NT domain via an Ascend NAS. > >> > >> No issue with the single NT4 domain , hopefully , but what if I want to > > be > > >> able to deal with users who might specify either that NT4 or our other > >> native Win2000 domain in their login settings ? > >> > >> Our aim is that the user will specify the username+domain they require > > in > > >> their dialin profile settings (as per LAN login) , have the NAS pass > > the > > >> relevant details to the RADIUS server and have it deal with polling the > >> requisite domain controller/ AD server. > >> > >> Can I expect to have issues, or do you have a recommended way of > > dealing > > >> with dialin users hitting a single NAS to gain access either one of two > >> domains ? > >> > >> This is a common situation. > >> You would usually deal withthis in your Radaitor configuration by > > creating 3 > > >> realm clauses. One that handles username@domain1, one for > > username@domain2, > > >> and one to handle just username. Somthing like this: > > > > .... > > <Realm domain1.tq.com.au> > > # strip the realm > > RewriteUsername s/^([^@]+).*/$1/ > > <AuthBy NT> > > Domain domain1 > > .... > > </AuthBy> > > </Realm> > > <Realm domain2.tq.com.au> > > # strip the realm > > RewriteUsername s/^([^@]+).*/$1/ > > <AuthBy NT> > > Domain domain2 > > .... > > </AuthBy> > > </Realm> > > > > # If they dont have a realm, auth from domain1 > > <Realm DEFAULT> > > # strip the realm > > RewriteUsername s/^([^@]+).*/$1/ > > <AuthBy NT> > > Domain domain1 > > .... > > </AuthBy> > > </Realm> > > > > > > with only a little more effort, you users can use the domain\username > > form > > > instead of username@domain, but this may be incompatible with global > > roaming > > > or other plans you might have. > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
