> -----Original Message-----
> From: freeradius-users-bounces+eastb=pffcu....@lists.freeradius.org
> [mailto:freeradius-users-
> bounces+eastb=pffcu....@lists.freeradius.org] On Behalf Of Alan Buxey
> Sent: Monday, April 18, 2011 3:54 PM
> To: FreeRadius users mailing list
> Subject: Re: The last piece of the puzzle - XP host authentication
>
> hi,
>
> your User-Name is going from a sane value 'host/LP-0010.myorg.org'
> to just '/LP-0010.myorg.org' - are you playing around with hints?
> you dont need to remove the host/ part - in fact, messing with the User-Name
> will cause EAP to
> break...especially when a windows machine is involved. if you are authing
> against AD then you
> actually need to keep the entry as host/LP-0010.myorg.org - the ntlm_auth
> part should deal with
> it... the required '$' ending will be there :-)
Right you are, I forgot to back that out from my experimentation:
:/etc/raddb# diff hints ../raddb.clean/hints
36d35
< DEFAULT Prefix == "host", Strip-User-Name = Yes
You know, looking at other changes I've made I've just realized I need to take
a step back. Specifically, I could not get "ntdomain" working, so I had turned
on nt_domain_hack. I've turned it back off, so now login/enable authentication
is working but port auth is not. I'm going to have to work on that some more.
Dammit.
--
be
XIV:
After the year 2015, there will be no airplane crashes. There will
be no takeoffs either, because electronics will occupy 100 percent
of every airplane's weight.
This E-mail, along with any attachments, is considered confidential and may
well be legally privileged. If you have received it in error, you are on notice
of its status. Please notify us immediately by reply e-mail or call
215-931-0300 / 800-228-8801 and then delete this message from your system.
Please do not copy it or use it for any purposes, or disclose its contents to
any other person. Thank you for your cooperation.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
