Hi,
I'm trying to set login restrictions based on SSID. For example users in Sales Group should only connect a particular SSID, etc.. and Support Team should be able to login to any SSID. We have Aruba Controller, which provide SSID in Aruba-Essid-Name attribute in Access-Request and using daloradius for user management.
First i've tried the following to get this working without adding any sql code;
"Aruba-Essid-Name := ssid_name" in User Group Check attributes - didn't work "Aruba-Essid-Name := ssid_name" in User Check attributes - didn't work
First off, check : http://wiki.freeradius.org/config/Operators The := is an "assignement" sort of thing, as a check item it always returns true. If you use "==" in the "User Check attributes ", I think it'll do what you want (could depends on a lot of other stuff in your config). Because the user check won't match and so the "Clear-Text-Password" assignment won't be done and without password set, the MSCHAPv2 will fail. Cheers, Sylvain