Hi,
> So, its just successful auth requests that are proxied thru to the JANET radius that do not contain the username in my IAS log.
>
> Has anyone else seen this when using MS-IAS?
it isnt just IAS - its all RADIUS servers - if the user has authenticated with
an anonymous outerid eg @site.ac.uk then you dont know who they are (otherwise
it wouldnt be anonymous) - you should have lots of other details about them - eg
MAC address, IP address, which NAS they used etc. the only place that will know the
real username is the home site (identity provider)
.....however, you should get _something_ logged for the user - even if its just
@site.ac.uk to help give you a clue! I'd check your logging section/policy to
ensure that the proxy config has logging enabled.
alan
|