Hello Alan! Here is the output of a sample RADIUS Request with the realm "host" as the prefix. It seems as if the rlm_realm is only looking for the "@" character as a delimiter. Below my output I have pasted the relevant content of the "/opt/etc/raddb/modules" file.
Listening on proxy address * port 1814 Ready to process requests. rad_recv: Access-Request packet from host 172.24.110.198 port 1094, id=91, length=118 User-Name = "host/habakuk" User-Password = "habakuk" NAS-IP-Address = 172.24.110.198 NAS-Port = 1101 NAS-Port-Type = Virtual Calling-Station-Id = "00-01-F4-6F-28-E0" Called-Station-Id = "00-01-F4-6F-28-E0" NAS-Port-Id = "host.0.1" +- entering group authorize ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop rlm_realm: No '@' in User-Name = "host/habakuk", looking up realm NULL rlm_realm: Found realm "NULL" rlm_realm: Adding Stripped-User-Name = "host/habakuk" rlm_realm: Adding Realm = "NULL" rlm_realm: Authentication realm is LOCAL. ++[suffix] returns ok rlm_eap: No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound /opt/etc/raddb/modules: # -*- text -*- # # $Id: realm,v 1.1 2008/05/30 09:18:46 aland Exp $ # Realm module, for proxying. # # You can have multiple instances of the realm module to # support multiple realm syntaxs at the same time. The # search order is defined by the order that the modules are listed # in the authorize and preacct sections. # # Four config options: # format - must be "prefix" or "suffix" # The special cases of "DEFAULT" # and "NULL" are allowed, too. # delimiter - must be a single character # 'realm/username' # # Using this entry, IPASS users have their realm set to "IPASS". realm IPASS { format = prefix delimiter = "/" } realm prefix { format = prefix delimiter = "/" } # '[EMAIL PROTECTED]' # realm suffix { format = suffix delimiter = "@" } # 'username%realm' # realm realmpercent { format = suffix delimiter = "%" } # # 'domain\user' # realm ntdomain { format = prefix delimiter = "\\" } The corresponding configuration in the "/opt/etc/raddb/proxy.conf" file is the following: realm host { auth_pool = ias_failover } The auth_pool is configured properly and I have succesfully tested an authentication. Why is freeradius not searching for the "/" character as a delimiter? Any idea? -----Ursprüngliche Nachricht----- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von [EMAIL PROTECTED] Gesendet: Montag, 01. September 2008 21:31 An: FreeRadius users mailing list Betreff: Re: Realm delimiter characters Hi, > Question: WHERE does this configuration go? I have not found any suitable > configuration file. According to an outdated info in the wiki, this > information is supposed to be made in the radiusd.conf ... but this > information is no longer valid for version 2.0.5. almost all of the functionality has been moved into 2 locations, either virtual servers (located in sites-available, to which you put a softlink from site-enabled), or modules (all located in the module directory) - in this case, realms are moved into the modules directory. you may need to 'activate' prefix or suffix to get the delimiters working. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Oesterreichische Lotterien Gesellschaft m.b.H., Rennweg 44, A-1038 Wien, FN 54472 g, Handelsgericht Wien, DVR-Nr: 0476706 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html