Different Auth Methods based on client entries with ntlm_auth
Alan DeKok
aland at deployingradius.com
Fri May 27 14:40:18 CEST 2011
O'Neil, Donald A. wrote:
> I've followed the instructions on
> http://deployingradius.com/documents/configuration/active_directory.html and
> it works great for one group when I add the option
> --require-membership-of=SomeGroup but I need a way to figure out how to
> specify that group name, perhaps based on the nastype, or some other
> variable I can set in the client configuration.
Put the group name into a temporary variable (Tmp-String-0), and then
edit the ntlm_auth line in raddb/modules/mschap:
ntlm_auth = ".... --require-membership-of=%{Tmp-String-0}"
That will be dynamically expanded at run time.
Alan DeKok.
More information about the Freeradius-Users
mailing list