I am using freeradius (0.9) to proxy RADIUS packets.
I have run into a possible bug. A username with a Windows domain
prepended to the user in the format "CC\\username" gets proxied in the
format "C\\username"; because the domain is "CC" the authentication
fails:
(irrelevant AVs snipped from log)
rad_recv: Access-Request packet from host XXXXX:39872, id=112,
length=153
User-Name = "CC\\ujaa003"
...
Sending Access-Request of id 4 to 134.219.201.70:1812
User-Name = "C\\ujaa003"
...
rad_recv: Access-Reject packet from host XXXXX:1812, id=4,
length=47
Proxy-State = 0x313132
MS-CHAP-Error = "\000E=691 R=0 V=3"
...
Sending Access-Reject of id 112 to XXXXXX:39872
MS-CHAP-Error = "\000E=691 R=0 V=3"
Likewise, a username in the format "CCC\\username" gets proxied in the
format "CC\\username", and this succeeds.
Also, username in the format "username" (ie. without "DOMAIN\\"
prepended) works as well.
So, it looks like freeradius is dropping the first letter of the domain.
I've not been able to duplicate this with other domains that we have.
Does anyone have any ideas ?
thanks, josh.
--
-----------------------------------------------------------
Josh Howlett, Networking & Digital Communications,
Information Systems & Computing, University of Bristol, U.K.
'phone: 0117 928 7850 email: [EMAIL PROTECTED]
------------------------------------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
