3.60.7. LSARewriteHook Previous topic Parent topic Child topic Next topic

This optional parameter allows you to define a Perl function to rewrite the username that is passed to LSA. Username passed to LSA API is changed to whatever is returned by this function. The username in request is not changed. This may be needed, for example, with Wi-Fi roaming where roaming username can not be directly used with Windows authentication because of local naming conflicts with roaming requirements.
The following parameters are passed to LSARewriteHook:
  • $_[0]: $p, the current Radius::Radius request object
  • $_[1]: $user, the current username to pass to LSA
Here are some examples:
# We use file instead of inline code
LSARewriteHook file:"%D/lsa-rewrite-hook.pl"
# Use inline code to change our global roaming realm to windows domain
LSARewriteHook sub { my ($user) = $_[1]; \
    $user =~ s/example\.com\z/org.local/; \
    return $user; }