New User and AD Question
McNutt, Justin M.
McNuttJ at missouri.edu
Tue Mar 1 18:25:07 CET 2011
> if ( User-Name =~ /host\/([^\.]+)\.(\S+)/i ) {
> update control {
> Proxy-To-Realm := "%{2}"
> }
> }
Part of my troubleshooting involved changing the code to this:
if ( User-Name =~ /host\/([^\.]+)\.(\S+)/i ) {
switch "%{2}" {
case 'col.missouri.edu' {
update control {
Proxy-To-Realm := 'UMC-USERS'
}
}
case 'um.umsystem.edu' {
update control {
Proxy-To-Realm := 'UM-USERS'
}
}
}
}
Now it matches, but something about the regex is still wrong (mainly, the multi-character captures) because it's not expanding correctly. Short version:
...
User-Name = "host/dnps-caplap-4.col.missouri.edu"
...
+- entering group authorize {...}
++? if (User-Name =~ /host\/([^\.]+)\.(\S+)/i )
? Evaluating (User-Name =~ /host\/([^\.]+)\.(\S+)/i) -> TRUE
++? if (User-Name =~ /host\/([^\.]+)\.(\S+)/i ) -> TRUE
++- entering if (User-Name =~ /host\/([^\.]+)\.(\S+)/i ) {...}
expand: %{2} -> s
+++- entering switch %{2} {...}
++++- switch %{2} returns notfound
+++- if (User-Name =~ /host\/([^\.]+)\.(\S+)/i ) returns notfound
++- if (User-Name =~ /host\/([^\.]+)\.(\S+)/i ) returns notfound
++[preprocess] returns ok
So... %{2} expands to 's', which could be the 's' in 'dnps' or one of the 's' in 'missouri'. Definitely going to have to re-write this regex somewhat. :/
Suggestions welcome. Here's the logic behind the original regex:
# "host", a slash, one or more non-dot characters, a dot,
# one or more non-whitespace chars.
I'd like to use the Beginning Of Line and End Of Line anchors as well, but I'm going to have to figure out why the rest of it is failing before I can add those restrictions.
Btw, thanks for the help so far. Much appreciated!
--J
More information about the Freeradius-Users
mailing list