something like huntgroups?

Phil Mayers p.mayers at imperial.ac.uk
Tue Jul 2 08:18:43 CEST 2013 

On 07/02/2013 02:30 AM, Matt Zagrabelny wrote:

> If a user is not in the secret group, then their login should fail if
> the Vendor-3076-Attr-146 = 0x554d44 pair is in the request.

This is pretty easy:

authorize {
   ...
   if (Vendor-3076-Attr-146 == 0x554d44) {
     if (SQL-Group == secret) {
       noop
     }
     else {
       reject
     }
   }
   ...
}

See "man unlang" for more info.

More information about the Freeradius-Users mailing list