Username from LDAP in proxy request
Hi, I'm looking for some help with proxying requests using free-radius. I have a situation where I need to perform a query to an LDAP that contains both the back-end authentication server as well as username for a user. For example, the User-Name in the originating request may be User1. FreeRADIUS then queries LDAP, which contains attributes called authenticationserver and authenticationuname. The authenticationserver is where the request should be proxied to, and the authenticationuname is the User-Name that should be substituted for the original user-name in the proxy request. I have the first part working, where I mapped authenticationservername to Proxy-To-Realm in the ldapmap file. I also setup all the possible values as realms. The server is now forwarding requests based on what it gets back in the LDAP query. I'm stuck however at trying to substitute the User-Name from what is retrieved from LDAP. Anybody know anyway to do this? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Username from LDAP in proxy request
I'm looking for some help with proxying requests using free-radius. I have a situation where I need to perform a query to an LDAP that contains both the back-end authentication server as well as username for a user. For example, the User-Name in the originating request may be User1. FreeRADIUS then queries LDAP, which contains attributes called authenticationserver and authenticationuname. The authenticationserver is where the request should be proxied to, and the authenticationuname is the User-Name that should be substituted for the original user-name in the proxy request. I have the first part working, where I mapped authenticationservername to Proxy-To-Realm in the ldapmap file. I also setup all the possible values as realms. The server is now forwarding requests based on what it gets back in the LDAP query. I'm stuck however at trying to substitute the User-Name from what is retrieved from LDAP. Anybody know anyway to do this? Create a new attribute New-User-Name in raddb/dictionary. Map it to authenticationuname in ldap.attrmap. Use unlang to replace User-Name with it in pre-proxy section. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
