How to apply logical OR in the auth. modul

Jevos, Peter Peter.Jevos at oriflame.com
Thu Jul 22 17:18:32 CEST 2010


> I have in the modules/ntlm_auth_vpn command:
..
> Is it possible to add another command ( with different domain ) and to
> add OR in order to  choose which one will pass ?
> 
> Something like this:
>
> exec ntlm_auth_vpn {
>                program = "/usr/bin/ntlm_auth --request-nt-key
> --domain=%{mschap:NT-Domain} --username=%{mschap:User-Name}
> --password=%{User-Password} --require-membership-of=domain1"
> 
>                  OR
> 
>                program = "/usr/bin/ntlm_auth --request-nt-key
> --domain=%{mschap:NT-Domain} --username=%{mschap:User-Name}
> --password=%{User-Password} --require-membership-of=domain2"
> 
>         }
>
> It means that auth-type ntml_auth_vpn is right if one of these command
> will pass

  You can write a shell script to do that.  There's no need to do
anything in the server.

#1/bin/sh

/usr/bin/ntlm_auth ...
if [ "$?" = "0"]; then
  ...

  Alan DeKok.


Thank you Alan

Yes I was thinking about it but I don't know how can I pass the
aregumens to that script ( like mschap:User-Name and so on )
When and who will call this script ?

thanks 




More information about the Freeradius-Users mailing list