How to set User-Profile for roaming (proxied) users

[Jonathan]

Hi all,

First an overview:

- I'm running Freeradius 2.2.5 with local users in SQL database
- We have roaming users utilizing our network infrastructure, but these
users do not exist in our own local database and need to be proxied for
authentication/accounting
- normal proxying and authentication/accounting is going well.

Setup: Roaming user <-> OUR_INFRA+RADIUS <-> ROAMING_RADIUS

Since it's an international roaming agreement, I have configured a
catch-all REALM which do not match our owns to be send their:

realm "~.+$" {
        pool                    = ROAMING
        nostrip
}

I now want to assign a user-profile for these users so that I can
pre-authorize them using our own policies.

For example:

1) roaming is only allowed on weekends and weektime during evenings
2) per user, only 1 roaming session is allowed
3) per user volume limiting based on a user-profile for this roaming
agreement (User-Profile := "roaming")

I've tried both methods below to set this in the authorize section as
follows:

authorize{
...
 sql
 if (notfound}
  update control {
    User-Profile := "roaming"
 }
}

realm "~.+$" {
        pool                    = ROAMING
        nostrip
  update control {
    User-Profile := "roaming"
 }
}

but none are working, i've also tried proxy-request and request as update
statements.

How can I assign profiles to roaming users who do not exist in our local
database for authentication, but are accounted for locally.

Thx,

Jonathan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140717/07ee6c22/attachment.html>