Group membership by SSID
Ethariel
ethariel at gmail.com
Tue Mar 7 11:10:56 CET 2017
Hello,
just to let you know that with Tmp-String it works.
Here is the conf :
in sites-available/default and sites-available/inner-tunnel
add in authorize section :
rewrite.called_station_id
if (Called-Station-Id == "Customer_Lan") {
update request {
Tmp-String-1 := "Wifi_Pro"
}
}
if (Called-Station-Id == "Customer_Perso") {
update request {
Tmp-String-1 := "Wifi_Perso"
}
}
Change rewrite.called_station_id :
# Called-Station-Id := "%{Called-Station-Id}:%{8}"
Called-Station-Id := "%{8}"
(You can also keep the original and change the == test in the
authorize section above)
Then edit modules/mschap
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
--username=%{mschap:User-Name}
--domain=%{%{mschap:NT-Domain}:-customer.local}
--challenge=%{%{mschap:Challenge}:-00}
--nt-response=%{%{mschap:NT-Response}:-00}
--require-membership-of=CUSTOMER/%{request:Tmp-String-1}"
Thks to Matthew for pointing to Tmp-String
and I'll upgrade to 3.x asap.
Rgds,
2017-03-03 18:21 GMT+01:00 Ethariel <ethariel at gmail.com>:
>> If your policy is to remain on an unsupported version, and one which was released many years ago... that's your choice.
>>
>> Upgrading to a supported and recent release is a much better idea.
>
> I'll do it as soon as released. This politic is not my choice alone.
> Anyway it's out of subject.
More information about the Freeradius-Users
mailing list