Hi,
Is all this explained anywhere?
man unlang the first basic paragraphs state: The goal of the language is to allow simple policies to be written with minimal effort. Those policies are then applied when a request is being processed. Requests are processed through virtual servers (including the default one), in the sections titled "authorize", "authenticate", "post-auth", "preacct", "accounting", "pre-proxy", "post-proxy", and "ses- sion". These policies cannot be used in any other part of the configuration files, such as module or client configuration. ie, if you already have some values, you can, eg in the 'authenticate' or 'authorize' section, set other values appropriately, before 'users' module is called....and then things will be there. or you can just set them full stop. alan