Thanks for help :)
But it does not work :(
Here is my radiusd.conf
---
ldap{
server = localhost
identity = uid=Admin,ou=Staff,dc=example,dc=com
password = secret
basedn = ou=People,dc=example,dc=com
filter =
(uid=%{Stripped-User-Name:-%{User-Name}},ou=%{Realm})
Realm section is still untouched
#
# Using this entry, IPASS users have their realm set to IPASS.
realm IPASS {
format = prefix
delimiter = /
ignore_default = no
ignore_null = no
}
#
realm suffix {
format = suffix
delimiter = @
ignore_default = no
ignore_null = no
}
# 'username%realm'
#
realm realmpercent {
format = suffix
delimiter = %
ignore_default = no
ignore_null = no
}
#
# 'domain\user'
#
realm ntdomain {
format = prefix
delimiter = \\
ignore_default = no
ignore_null = no
}
Below is debug:
modcall: entering group authorize for request 0
rlm_realm: Looking up realm example.com for User-Name = example.com
rlm_realm: No such realm example.com
modcall[authorize]: module suffix returns noop for request 0
modcall[authorize]: module preprocess returns ok for request 0
modcall[authorize]: module attr_filter returns noop for request 0
rlm_realm: Looking up realm example.com for User-Name =
[EMAIL PROTECTED]
rlm_realm: No such realm example.com
modcall[authorize]: module suffix returns noop for request 0
modcall[authorize]: module chap returns noop for request 0
modcall[authorize]: module mschap returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module eap returns noop for request 0
modcall[authorize]: module files returns notfound for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for [EMAIL PROTECTED]
radius_xlat: '([EMAIL PROTECTED],ou=)'
radius_xlat: 'ou=People,dc=example,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to localhost:389, authentication 0
rlm_ldap: bind as uid=Admin,ou=Staff,dc=example,dc=com/secret to
localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in ou=People,dc=example,dc=com, with filter
([EMAIL PROTECTED],ou=)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module ldap returns notfound for request 0
...
As you can see ou is empty.
- Original Message -
From: Alan DeKok [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; FreeRadius users mailing list
freeradius-users@lists.freeradius.org
Sent: Thursday, September 22, 2005 9:34 PM
Subject: Re: Realm extraction
Dmitry Alekhin [EMAIL PROTECTED] wrote:
I am new in free radius , so I have one question: How can I exctract
Realm attribute in
radiusd.conf name?
Use the Realm attribute. The debug log will show you that the
realm module is adding this attribute.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html