On Wed, 2019-11-13 at 10:33 -0200, Renato Sousa wrote:
I use freeradius 3.0.12 to authenticate users to a wireless network in my company. Some time ago I made the configuration below to prevent users from authenticating without using @domain in the request, which worked for a long time, but stopped working.
OK
*post-auth {... update reply { User-Name: = & User-Name }...}*
That would never work to ensure a username contains '@'.
How can I configure freeradius to validate only users in the format ' username@domain.com' ?
In authorize: if (&User-Name !~ /@/) { reject } Then use the `filter_username` policy to check for correctly formed User-Name: no double dots, only a single '@', etc. -- Matthew