How to validate user at domain.com?
Matthew Newton
mcn at freeradius.org
Wed Nov 13 13:45:59 CET 2019
On Wed, 2019-11-13 at 10:33 -0200, Renato Sousa wrote:
> I use freeradius 3.0.12 to authenticate users to a wireless network
> in my company. Some time ago I made the configuration below to
> prevent users from authenticating without using @domain in the
> request, which worked for a long time, but stopped working.
OK
> *post-auth {... update reply { User-Name: =
> &
> User-Name }...}*
That would never work to ensure a username contains '@'.
> How can I configure freeradius to validate only users in the format '
> username at domain.com' ?
In authorize:
if (&User-Name !~ /@/) {
reject
}
Then use the `filter_username` policy to check for correctly formed
User-Name: no double dots, only a single '@', etc.
--
Matthew
More information about the Freeradius-Users
mailing list