Hello,
I have the same problem but this procedure don't work in my environment
(FREERADIUS, OpenLDAP, SAMBA).
I have this eap error : rlm_eap: Identity does not match User-Name, setting
from EAP Identity.
rlm_eap: Failed in handler
Can you send me your radiusd.conf ?
Regards
OLIVER Patrice wrote:
>
> Hello,
>
> It works, thanks. :)
>
> Regards.
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>
> Date: Fri, 14 Dec 2007 09:39:08 +0000
> Subject: Re: EAP-TLS - About username sent by supplicant
>
>> Hi,
>>
>> > My question deals with the username sent by the supplicant when the
>> authentication goes on. At
>> boot
>> > time, the username sent is : host/user_name. After the login, the
>> username sent is : user_name.
>> So, I
>> > have to create 2 users. I want to cut 'host/' to make this task easier.
>> It is possible ? How do I
>> do this ?
>>
>> attr_filter or somesuch eg put these into radiusd.conf
>>
>> attr_rewrite copy-user-name {
>> attribute = Stripped-User-Name
>> new_attribute = yes
>> searchfor = ""
>> searchin = packet
>> replacewith = "%{User-Name}"
>> }
>>
>> attr_rewrite remove-host {
>> attribute = Stripped-User-Name
>> searchfor = "^(host/.*)"
>> searchin = packet
>> new_attribute = no
>> replacewith = "%{1}"
>> }
>>
>> and then call these 2 functions in your authorize section
>> (radiusd.conf or sites-enabled/wherever (for FR 2.0) )
>>
>> copy-user-name
>> remove-host
>>
>> just before the other modules are called - eg chap, auth_log etc etc
>>
>> alan
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
--
View this message in context:
http://www.nabble.com/EAP-TLS---About-username-sent-by-supplicant-tp14331648p14334549.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
