Pattern Matching in users file
Garber, Neal
Neal.Garber at energyeast.com
Sat Sep 16 05:03:38 CEST 2006
> You can't use the Group attribute that way. It's for checking Unix
>groups. You'll have to create another attribute for your local groups.
Do I need to predefine the attribute name somewhere before
I attempt to create it in the users file?
>> Also, the Group attribute was added to %RAD_CHECK as opposed to
>> %RAD_REQUEST (Group was not an attribute in the original request).
> The "users" file is documented as behaving this way.
Are you referring to the doc/processing_users_file? If so, perhaps I
misunderstood the bullet within it that reads:
- The check pairlist of the request is replaced by the tmpcheck pairlist
(this is the same as: the check pairlist from the usersfile entry is
appended to the pairlist of the request)
The phrase in parentheses is what made me think I could add attributes
to the request. Is this statement incorrect or am I interpreting it
differently than the author intended? The first part of the bullet
matches what you said and what I experienced.
> If you want to add an attribute to the request, you have to use the
>"hints" file.
I don't think that will work for me because the hints file doc.
states it adds attributes solely based upon prefix or suffix of
the username. I want to add an attribute based upon the value of
Cisco-AVPair. Am I misinterpreting the doc. for hints also?
Thanks again for your help Alan.
More information about the Freeradius-Users
mailing list