Authorization question
Larry Ross
lfross at ucdavis.edu
Tue Apr 7 23:07:26 CEST 2009
Nevermind... was making it WAY to complicated....
if (nadmin == "NOC") {
update reply {
Reply-Message = 'Noc-Group Match'
}
}
-----Original Message-----
From: freeradius-users-bounces+lfross=ucdavis.edu at lists.freeradius.org [mailto:freeradius-users-bounces+lfross=ucdavis.edu at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: Monday, April 06, 2009 10:27 PM
To: FreeRadius users mailing list
Subject: Re: Authorization question
Larry Ross wrote:
> In my passwd module I have the following. (made sense to have the group
> name appear as if it came from the authenticator... hence the ~)
...
> format = "~Group-Name:*,User-Name"
Do NOT re-use the "Group-Name" attribute. That is already used for
Unix groups.
There's a reason that the "man" page for rlm_passwd uses another name
for the grouping attribute.
> I attempt to utilize this method I fail (Radius will not start as
> currently I am simply trying to append a Reply message when NOC-Group
> scores a hit.
...
> if (%{request:Group-Name} == "NOC") {
> Reply-Message = 'Noc-Group Match'
It's failing because that is not the correct syntax for adding
attributes. See the "update" command that is documented in "man unlang"
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list