accept my apologies Alan

i didn't see your answer.

you said:
> You shouldn't do that.  This should be a separate policy.

i didn't understand your answer.
I should create two policies. isn't it ?
the first, in the goal to compare the last authentication and the last to update my radusergroup.

thank a lot