How to force users file parsing when returning proxied reply to add per-user AV-Pairs

[Alan DeKok]

Gianni Costanzi wrote:
> We're going to upgrade it in the next few weeks

  Good.

> It's not a nonsense if you start working in a production environment
> where hundreds of routers authenticate through radius
> and you don't know the product.. Certainly it is nothing impossible,
> just it takes a certain amount of time.

  Regular upgrades should be part of network policy.  If you leave
upgrades for years, then the upgrade process will be complex,
error-prone, fragile, and hard to reproduce.

  You can upgrade in stages.  Install the new server, and test it.  Make
ONE router use it.  Then another...

> Thank you.. BTW can you tell me if in the last freeradius versions
> when radius A proxies a request to radius B and it receives a response
> from B, should radius A scan its own users file to append AV-Pairs to
> the response?

  I have no idea.  I don't bother remembering which version had what
functionality added.

  In recent versions of the server, this is easy.  The post-proxy
section does this.  Unlang makes it easy.

  Alan DeKok.