Two Quick Questions

Adam Bishop Adam.Bishop at
Wed Jul 18 18:30:18 CEST 2018

On 9 Jul 2018, at 12:12, Alan DeKok <aland at> wrote:
> On Jul 9, 2018, at 7:08 AM, Adam Bishop <Adam.Bishop at> wrote:
>> * Can I tell the users origin once we get into post-auth, or do I need to use a custom attribute?
>> If a user comes from the users file, I want to apply some different policy - the only distinguishing feature the users I want to manipulate have is that they're stored in the users file rather than AD.
>  You need to use a custom attribute.  The server doesn't track where each attribute came from.

module_failure_message is being populated with "Failed retrieving values required to evaluate condition" - doesn't appear to be affecting function, but it's messing with my log parsing.

I've implemented it as:

		if (&User-Class == "guest") {
			# User is from the users file, assign them to the external guest VLAN regardless of all other factors
			update reply {
				&reply:Tunnel-Type = GRE
				&reply:Tunnel-Medium-Type = IP
				&reply:Tunnel-Private-Group-ID = "%{client:outer_guest_vlan}"

Can I check for the existence of the attribute before I test its value?

Adam Bishop

  gpg: E75B 1F92 6407 DFDF 9F1C  BF10 C993 2504 6609 D460

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.

Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 2881024, VAT number GB 197 0632 86. The registered office is: One Castle Park, Tower Hill, Bristol BS2 0JA. T 0203 697 5800.  

More information about the Freeradius-Users mailing list