Re: [m0n0wall-dev] Radius Mac Authentication failure with IAS

From:	Jonathan Karras <jkarras at karras dot net>
To:	Jonathan De Graeve <Jonathan dot De dot Graeve at imelda dot be>
Cc:	m0n0wall at lists dot m0n0 dot ch, Lloyd Palfrey <Lloyd at wsufftrust dot org dot uk>, m0n0wall dash dev at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall-dev] Radius Mac Authentication failure with IAS
Date:	Thu, 04 May 2006 08:50:18 -0600

It looks like I was backwards. FreeRADIUS converts to lowercase if 
requested. I think the source of my case insensitivity is from the LDAP 
backend I am using.

Quote from the FreeRADIUS radiusd.conf file

# lower_user / lower_pass:
# Lower case the username/password "before" or "after"
# attempting to authenticate.
#
#  If "before", the server will first modify the request and then try
#  to auth the user.  If "after", the server will first auth using the
#  values provided by the user.  If that fails it will reprocess the
#  request after modifying it as you specify below.
#
#  This is as close as we can get to case insensitivity.  It is the
#  admin's job to ensure that the username on the auth db side is
#  *also* lowercase to make this work
#
# Default is 'no' (don't lowercase values)
# Valid values = "before" / "after" / "no"
#
lower_user = no
lower_pass = no

End of Quote

Jonathan

Jonathan De Graeve wrote:
>> I would say all uppercase. I think my RADIUS server converts thing to
>> all uppercase anyway. I don't have a real preference.
>>
>> As for the change for no real reason. If someone has a database
> already
>> created one way they wouldn't have to change. Say moving from MAC auth
>> on the WAP to CP MAC auth.
>>
> 
> In my situation its lowercase :(
> 
> Can anybody please investigate this on his own radius systems?
> 
> If necessary I also add a uppercase/lowercase switch in the advanced
> setup page defaulting to what most users have.
> 
> J.
>