setting user profile depending on realms?

[Markus Krause]

Hi list!

We have an internal LAN with several VLANs, each corresponding the the  
unix group of the users. This VLAN information is stored in OpenLDAP  
(via radiusprofiledn), and that works :-)
But we want to give our users the possibility to get into a special  
VLAN, in particular one which is called "Internetcafe" (in which the  
can use "special services"). I thought of doing this by adding a realm  
to the username, so the users can either use "username" or  
"username at ic" and gets the appropriate VLAN. To do this i added the  
following line in /etc/raddb/users:

DEFAULT User-Name =~ "@ic$", User-Profile :=  
"cn=InternetCafe,ou=VLAN,o=Testnet"

But this works only if i do not have a radiusprofiledn attribute in  
the users entry in OpenLDAP, otherwise it works.

Is there a way to override the userprofile given back by the  
freeradius if the user adds a "@ic" (or whatever realm) ?
Or is there even a better way to achieve this goal and i am thinking  
in a completly wrong direction?

Thanks in advance for any hints!

Regards
    Markus


-- 
Markus Krause                                   email: krause at biochem.mpg.de
Mogli-Soft: Support for Mac OS X, Webmail/Horde, LDAP, RADIUS
by order of the Computing Center of the Max-Planck-Institute of Biochemistry
Tel.: 089 - 89 40 85 99                         Fax.: 089 - 89 40 85 98

----------------------------------------------------------------------
      This message was sent using https://webmail2.biochem.mpg.de
If you encounter any problems please report to rz-linux at biochem.mpg.de