-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hi, how is it correct to set allowed Called-Station-SSID (the only SSID user allowed to connect to) for user who is configured via LDAP (without SSID issue, users are configured and authenticated/authorized successfully, my question relates *only* to SSID related configuration)? I hoped I can use attribute radiusCheckItem like this radiusCheckItem: Called-Station-SSID == AllowedSsidName but I have no evicence in debug, it is checked :( as well as anything configured via radiusCheckedItem is ignored, perhaps I need to say to FR to do that but I do not understand how to yet? is it in mods-enabled/ldap update section (like control:...)? in FR v.2.x in file users I used this configuration: - ---[ quotation start ]------------------------------------------- DEFAULT Ldap-Group == "wifi-AllowedSsidName", Called-Station-SSID == "AllowedSsidName", Simultaneous-Use := '1', User-Profile := "cn=wifi-AllowedSsidName,ou=rad-profiles,dc=xyz" Reply-Message := "%{User-Name}, SSID: %{Called-Station-SSID} access was permited to you.", Fall-Through = no - ---[ quotation end ]------------------------------------------- but how to get it confiured for v.3.x? for v.3.x have I to use users file too? if not, then how is it correct to get that logic configured in LDAP? - -- Zeus V. Panchenko jid:zeus@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlW3dxoACgkQr3jpPg/3oyqvUACgl/c6blTfwpn+3fRIzhspAKyO YIkAn0sXia4m84vzIDiVKNE6PIxqV/UG =S2nH -----END PGP SIGNATURE-----