On 02/06/2013 12:12 PM, [email protected] wrote: >> What isn't working is if the username is domain\username. Is there a way >> to strip off the domain\ portion before it gets passed to AD ? > > can you overwrite what is passed through - eg use 'Domain' or 'DomainFormat' > to change > what is actually sent?
Yes, empty 'Domain' should do it. By default 'Domain' is undefined and if it's undefined any domain\ that comes with User-Name is used. Using 'Domain' with empty value should clear out anything the user has defined. Also, the domain\ prefix is never passed to LSA as a part of username. The domain is passed as a separate argument with its value depending on what the username originally had and how Domain and DefaultDomain were set. Thanks, Heikki -- Heikki Vatiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
