On 13/10/10 13:27, Alexander Clouter wrote:
Phil Mayers wrote:
Anyway, as always - if it's failing, please post the full debug output i.e.:
radiusd -X | tee log
...I am pretty sure that is meant to be:
radiusd -X 2>&1 | tee log
I thought freeradius printed to STDERR?
Nope.
-
List info/s
Phil Mayers wrote:
>
> Anyway, as always - if it's failing, please post the full debug output i.e.:
>
> radiusd -X | tee log
>
...I am pretty sure that is meant to be:
radiusd -X 2>&1 | tee log
I thought freeradius printed to STDERR? If not that probably should be
fixed, in my honest opinion.
On 13/10/10 11:55, Mark Holmes wrote:
Thanks Phil.
Final question: At the moment, I can authenticate with username, but not with
usern...@mydomain.ox.ac.uk
How do I tell freeradius to accept usern...@mydomain.ox.ac.uk (I don't mind if
authenticating with just username without the domain fails
Thanks Phil.
Final question: At the moment, I can authenticate with username, but not with
usern...@mydomain.ox.ac.uk
How do I tell freeradius to accept usern...@mydomain.ox.ac.uk (I don't mind if
authenticating with just username without the domain fails)
Thanks,
Mark
-
List info/subscri
On Oct 12, 2010, at 10:29 AM, Alexander Clouter wrote:
> Mark Holmes wrote:
>>
>> At the moment in my test environment, as long as I DONT specify the
>> domain it works - so I'm looking to strip out the domain name if they
>> DO specify it.
>>
> As a hint for the record, in production for 'e
Phil Mayers wrote:
>>
>> Currently when users connect to our WLAN they enter their username
>> thus:- firstname.lastn...@mydomain.ox.ac.uk
>>
>> Is there a way I can strip everything after the @ out (ie the domain)
>> - so they are forced to authenticate against the domain I specify.
>
> Sure,
Mark Holmes wrote:
>
> At the moment in my test environment, as long as I DONT specify the
> domain it works - so I'm looking to strip out the domain name if they
> DO specify it.
>
As a hint for the record, in production for 'eduroam, you must reject
when there is no domain otherwise:
a) yo
Hi,
> authorize {
> if (User-Name =~ /^(.*)@(.*)/) {
> update request {
> User-Name := "%{1}"
> Realm := "%{2}"
> }
> if (Realm !~ /mydomain\.ox\.ac\.uk/i) {
> # invalid
> reject
> }
> }
> }
beware of blank outerid as per the RFC - i
On 12/10/10 16:06, Mark Holmes wrote:
Hi all,
Currently when users connect to our WLAN they enter their username thus:-
firstname.lastn...@mydomain.ox.ac.uk
Is there a way I can strip everything after the @ out (ie the domain) - so they
are forced to authenticate against the domain I specify.
Hi,
> Hi all,
>
> Currently when users connect to our WLAN they enter their username thus:-
> firstname.lastn...@mydomain.ox.ac.uk
>
> Is there a way I can strip everything after the @ out (ie the domain) - so
> they are forced to authenticate against the domain I specify.
>
> At the moment in
Hi all,
Currently when users connect to our WLAN they enter their username thus:-
firstname.lastn...@mydomain.ox.ac.uk
Is there a way I can strip everything after the @ out (ie the domain) - so they
are forced to authenticate against the domain I specify.
At the moment in my test environment,
11 matches
Mail list logo