Re: freeradius 2 character delimiter in realm problem
Jacob Jarick wrote: > How would I then tell radius to remove the "domain\\" from "domain\\user" Configure the "ntdomain" instance of the "realms" module, and make sure it's listed in the "authorize" section. Then, configure the realm by name in proxy.conf. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius 2 character delimiter in realm problem
How would I then tell radius to remove the "domain\\" from "domain\\user" On 4/13/07, Alan DeKok <[EMAIL PROTECTED]> wrote: > Jacob Jarick wrote: > > Hello, I am researching my current problem with freeradius not > > authenticating. > > > > The user is rejected because the name is not found, our AD (w2k3) > > sends usernames to freeradius in this format "domainname\\username". > > That's not a 2-character delimiter. It's a backslash, escaped. > > > I have tried enabling the nt hack under the ldap section with no luck. > > There's an nt hack in the LDAP section? > > > 1 Is \\ actually \ escaped ? > > Yes. > > > 2 can you have 2 character delimiters (despite what the config comments > > claim) > > No. > > Alan DeKok. > -- > http://deployingradius.com - The web site of the book > http://deployingradius.com/blog/ - The blog > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius 2 character delimiter in realm problem
Jacob Jarick wrote: > Hello, I am researching my current problem with freeradius not authenticating. > > The user is rejected because the name is not found, our AD (w2k3) > sends usernames to freeradius in this format "domainname\\username". That's not a 2-character delimiter. It's a backslash, escaped. > I have tried enabling the nt hack under the ldap section with no luck. There's an nt hack in the LDAP section? > 1 Is \\ actually \ escaped ? Yes. > 2 can you have 2 character delimiters (despite what the config comments claim) No. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius 2 character delimiter in realm problem
Hello, I am researching my current problem with freeradius not authenticating. The user is rejected because the name is not found, our AD (w2k3) sends usernames to freeradius in this format "domainname\\username". I have tried enabling the nt hack under the ldap section with no luck. reading through the comments in /etc/raddb/radiusd.conf under the ldap module section I found this though. # Four config options: # format - must be 'prefix' or 'suffix' # delimiter - must be a single character # ignore_default - set to 'yes' or 'no' # ignore_null- set to 'yes' or 'no' and the setting for realmntdomain # # 'domain\user' # realm ntdomain { format = prefix delimiter = "\\" ignore_default = no ignore_null = no } so this leads me to two questions. 1 Is \\ actually \ escaped ? 2 can you have 2 character delimiters (despite what the config comments claim) Cheers for any info. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html