attribute checking with AD

Alan DeKok aland at
Wed Jul 20 18:28:11 CEST 2005

Stefan Winter <freeradius-users-ml at> wrote:
> So far I mapped "Department" as a checkItem to one of our Vendor-Specific 
> attributes in ldap.attrmap and _wanted_ to do regexp matching in the users 
> file for that Vendor-Specific attribute after authorize->ldap passed through.
> DEFAULT Our-Vendor-Specific-Thing =~ [^7].*, Auth-Type := Reject

  The "users" file doesn't do comparisons to check items very well.

  In the CVS head, the policy module can do this.  You may be able to
back-port it to 1.0.x.

  Alan DeKok.

More information about the Freeradius-Users mailing list