--On Saturday, 22 July 2006 11:19 +0200 Krämer Armin <[EMAIL PROTECTED]>
wrote:
Thanks, i tried out this now and got the following warning:
rlm_ldap: performing user authorization for host/notebook-armin
Sat Jul 22 12:25:24 2006 : Debug: WARNING: Attempt to use unknown xlat
function, or non-existent attribute in string %{mschap:User-Name}
Sat Jul 22 12:25:24 2006 : Debug: radius_xlat:
'(&(uid=)(objectclass=radiusprofile))'
Sat Jul 22 12:25:24 2006 : Debug: radius_xlat:
'ou=users,ou=radius,dc=ak-server,dc=de'
And the search finishes with "NOT FOUND"
rlm_ldap: waiting for bind result ...
Sat Jul 22 12:25:24 2006 : Debug: rlm_ldap: Bind was successful
Sat Jul 22 12:25:24 2006 : Debug: rlm_ldap: performing search in
ou=users,ou=radius,dc=ak-server,dc=de, with filter
(&(uid=)(objectclass=radiusprofile))
Sat Jul 22 12:25:24 2006 : Debug: rlm_ldap: object not found or got
ambiguous search result
Sat Jul 22 12:25:24 2006 : Debug: rlm_ldap: search failed
Any idea fort this? Looks like the searchString is complete emty now??
I made an LDAP Entry which looks like " uid=host/notebook-armin$ "
Thanks for answering!
Greetings
Armin
-----Ursprüngliche Nachricht-----
Von: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
g] Im Auftrag von James J J Hooper
Gesendet: Samstag, 22. Juli 2006 10:31
An: FreeRadius users mailing list
Betreff: Re: Since 2 Month noone any idea how to do this ? Stripping
Username Question *important*
--On Saturday, 22 July 2006 09:23 +0200 Krämer Armin
<[EMAIL PROTECTED]> wrote:
Hi,
im working with machine authentication and EAP-TLS Zertifikates.
When a machine authenticates I get the name of the mchine like
"host/250-IT" and the search String on LDAP is like "host/250-IT".
I nee the searchString at LDAP like 250-IT$. How can I strip away that
host/ and add $ for the search at the LDAP Directory?
In your LDAP section of radiusd.conf, replace this:
%{Stripped-User-Name:-%{User-Name}}
with this:
%{Stripped-User-Name:-%{mschap:User-Name}}
Regards,
James
Sorry, what i suggested may only work in the mschap section, not in the
LDAP bit... :(
James.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html