EAP-TLS and EAP-PEAP with different authentication/authorization settings

[Alan DeKok]

On Jul 12, 2017, at 2:48 PM, John Meyers <john+freeradius at themeyers.us> wrote:
> You are of course correct - this works just fine in the post-auth area
> of the default virtual server.  However, is there any reason that
> radiusprofile attributes (such as VLAN override) would not be honored if
> done in this manner?

  You can use "ldap.authorize" instead of "ldap".

  Which then does the normal authorize work of "check ldap, and update the reply list".

  Alan DeKok.