Kostas Kalevras wrote:
The above won't work. You can't just add the User-Name line in the rlm_ldap configuration and expect it to work.
I didn't expect it to just work, but I wanted to at least try something before posting a question. The documentation isn't as clear as your answer so I was grasping at straws.
You can either use rlm_attr_rewrite to strip the 'host/' part, or probably add a Hint variable in the users file and use that as the filter:
--users-- DEFAULT User-Name =~ "^([^/]+)/(.*)", Hint := `%{2}`
--radiusd.conf-- ldap { filter = "(cn=%{check:Hint})" ... }
I tried adding the expression to the users file as you suggest - that doesn't appear to work either. I still end up with a cn='' filter. Any other ideas are greatly appreciated.
Thanks, Craig
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html