On 01/16/2012 05:25 PM, Alex Sharaz wrote: Hell Alex,
> I’ve got Radiator 4.9 running on a windoze server. Users need to > authenticate with a UserName of the form [email protected] > <mailto:[email protected]> against an Active Directory whose > usernames do not include a realm. > > Is the following the correct way to strip out the realm from the > UserName in order to authenticate against AD with just the “user” > component of the UserName? Try UsernameMatchesWithoutRealm instead of RewriteUsername. That should work while keeping the original User-Name intact. Heikki > <Handler Realm=scar.hull.ac.uk> > > AuthBy lsaAuth > > Authlog logfile > > EAPType PEAP,TTLS, MSCHAP-V2 TLS > > EAPTLS …… > > Stripfromreply …….. > > Addtoreply …….. > > </Handler> > > > > Where lsaAuth is > > > > <AuthBY LSA> > > Identifier lsaAuth > > ReWriteUsername s/^([^@]+).*/$1/ > > SSLeayTracve 4 > > Domain SCAR > > DefaultDomain SCAR > > EAPType PEAP,TTLS, MSCHAP-V2,TLS > > ….. > > </AuthBy> > > > > ************************************************************** > To view the terms under which this email is distributed > please go to http://www2.hull.ac.uk/legal/disclaimer.aspx > ************************************************************** > > > > _______________________________________________ > radiator mailing list > [email protected] > http://www.open.com.au/mailman/listinfo/radiator -- Heikki Vatiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
