Class attributes
Alan Buxey
alan.buxey at gmail.com
Tue Oct 31 11:30:04 CET 2017
Remember that for EAP methods such as PEAP and TTLS, you cannot trust the
outer username so policies should be defined in inner-tunnel (where
username is known) with relevant copying to the outer reply
alan
On 31 Oct 2017 5:39 am, "Muenz, Michael" <m.muenz at spam-fetish.org> wrote:
> Am 30.10.2017 um 13:33 schrieb Satish Patel:
>
>> In auth-post of deafult file right or inner-tunnel?
>>
>> Hi,
>
> post-auth section in default. You can do quite complex setup with this:
>
> if (User-Name =~ /^m[0-9][0-9][0-9]_/) {
> update reply {
> Class := "groupX"
> }
> }
> elsif (User-Name =~ /^admin_/) {
> update reply {
> Class := "groupAdmins"
> }
> }
> elsif (User-Name =~ /^service_/) {
> update reply {
> Class := "groupService"
> }
> }
> else {
> update reply {
> Class := "groupDefault"
> }
> }
>
> Michael
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list
> /users.html
More information about the Freeradius-Users
mailing list