using Ldap-Group attribute checks in policy.txt
Phil Mayers
p.mayers at imperial.ac.uk
Mon Mar 7 18:14:01 CET 2011
On 07/03/11 16:25, Thomas Wunder wrote:
> Hi, i'd like to specify my auth-policies using the rlm_policy module
> (since i like it's obvious flexibility and the cleanness of it's
> policy syntax and because i wasn't able to solve some particular
> problems with rlm_files) but there's one big problem left: until now
Is there any particular reason you are using rlm_policy as opposed to
the "policies" feature in unlang?
It might not be obvious, but they're different. The latter is newer,
better supported and configured by editing "raddb/policy.conf" file (in
default freeradius installs):
policy {
my-policy {
...any unlang ...
}
}
...then in raddb/sites-/*/*:
authorize {
my-policy
}
You will probably find that Ldap-Group works with the unlang policy
stuff, because it works with plain unlang.
More information about the Freeradius-Users
mailing list