Greetings,
I have a device that can’t send the realm as part of its authentication request.
I can’t make that user a member of the default realm, so I was trying to use an authorization policy to change the realm.
However, no matter what setting I try, I can’t seem to get the setrealm policy to function.
I continually get "ERR905: The user cannot be found in any resolver in this realm!"
I have used NTRADPING for testing and get the same result when I use /validate/check
If I specify the realm (username@myrealm), the user is authenticated without difficulty.
Currently the only policy in force on my server is an authorization scope policy with a single setting setrealm=myrealm.
I have tried specifying the realm in the policy as myrealm, and mydefaultrealm. I have added and removed the resolver that contains the specific user from the policy. I have added and removed the client IP address from the policy. I have added and removed the username of the user attempting to authenticate from the policy.
I cannot get the setrealm policy to change the realm, in every case I receive the error: “ERR905: The user cannot be found in any resolver in this realm!”
Any help you can offer would be greatly appreciated.