Honestly... there are 3-4 solutions which are trivial in 2.x. Any
solution is hard in 1.1.3. I don't even recall what feature set it has
(or is missing).
Alan DeKok.
Ok, I have upgraded to Freeradius version 2.1.3 (following the
suggestion above). I have configured and gotten everything to work
except for the domain name stripping at the front of the username (eg:
HTN/josh). If I dont supply the domain name, authentication succeeds
perfectly. I am still getting the same error that I was with
Freeradius version 1.3.1. Ive configured a HTN realm to strip off the
HTN part and in the debug, it appears to work as stripped-user=josh
gets proxied back. Then authentication failes in the same way as it
did before? It is mentioned above that there are 3-4 solutions which
are trivial in 2.x. Since I have Freeradius basically running, could
someone spare some of their valuable time with a pointer on stripping
off the HTN part of the user so authentication will succeed? Thanks
=D. Below is the part of my debug output from Freeradius showing the
authentication failure. Once again, it works perfectly if I dont
supply the domain name (I can then connect perfectly via eap-ttls with
mschapv2). Hopefully I am close. I can supply more of my configs if
needed.
Thanks -Josh
Ok well once again, the answer was in the debug output. Since it was
sending back Stripped-username instead of Username, I had to create a
2nd smbpasswd module. In this module I mapped stripped-user instead of
username. This worked. This does work. Is this a good and acceptable
solution? I'd still be interested in hearing other solutions if there
are any out there. Thanks again!
-Josh
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html