radiusExpiration attirbute declared in the LdapGroup
Alexander Clouter
alex at digriz.org.uk
Fri Oct 9 09:31:37 CEST 2009
Hi,
aangles <aav_1984 at hotmail.com> wrote:
>
> I would Like to know if there is a way to define an expiration time for all
> those users which belong to an LDAP Group, instead of defining this
> attribute for each of those users?
>
> Moreover, after expiration time , RADIUS send an access-reject to the user.
> Is there any tool or something that send a message to the wifi users in a
> "windows form"?
>
I think you have two options, some LDAP xlat'ing after you have called
your LDAP autz module based around 'control:Ldap-UserDn' or
alternatively (and probably better) is just to use some unlang to say:
----
if (LDAP-Group == blah) {
update control {
Expiration := "<wibble>"
}
}
----
Then called the 'expiration' module after that.
Cheers
--
Alexander Clouter
.sigmonster says: Life is the urge to ecstasy.
More information about the Freeradius-Users
mailing list