Using NAS-Identifier with login criteria

[Alan DeKok]

On Apr 12, 2015, at 10:19 AM, Brian Boere <brian.boere at netwize.ca> wrote:
> does the "!" at the begining of your recommended line just switch the result from "True" to "False" (and vice-versa)? 

  That's what the documentation says.  See "man unlang".

> I made the change, and things stopped working.  When I removed the "!" from your recommended line, things started working again.  

  If you're going to make random changes and *not* understand them, you won't get it configured correctly.

  For various reasons you can't use "LDAP-Group != ...".  That's enough to know.  BUT you have to put that knowledge together with what else you want to do.

> (I did take the original line from an example and honestly not really knowing what the "!" did) 

  Then that's a problem.  The configuration isn't difficult to understand "if" and "else" are well-known terms, and are easy to understand.

> (end requirement is that if the user is a member of the "Corporate Wireless Network" edirectory group, they are allowed to use the wireless network Rad_test2) 

  Then configure that.  It isn't much more complicated than the sentence above.  Just put the "if" and "else" into the correct "unlang" syntax.

  Alan DeKok.