Well I have found the answer. In the proxy realm I've put nostrip and it is working now.2006/5/18, wekz <[EMAIL PROTECTED]>:
Hello everyone,I've configured a freeradius 1.1.1 + LDAP for eap-tls authentication with domains.
authorize { preprocess ntdomain ...}realm host { type = radius authhost = LOCAL
accthost = LOCAL strip}This configuration gives an error: rlm_eap: Identity does not match User-Name, setting from EAP Identity.When I enable with_ntdomain_hack in eap.conf
it works quite well. Could anyone tell me why it's neccesary?
The problem is that this secondary_radius do proxy when it doesn't find the user in its LDAP and the master_radius gives this error: rlm_eap: Identity does not match User-Name, setting from EAP Identity.
I've tried in master_radius the same configuration with and without ntdomain_hack and it fails.I've been thinking of adding the realm before the secondary do proxy,
so the master could treat the request as it's been local. But I don't
like this too much.
Does anyone have a better idea of what to do?Thanks.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
