On Nov 6, 2007 5:29 PM, <[EMAIL PROTECTED]> wrote: > Hi, > > > Thanks for this info. One more step, is there any place in the freeradius > > configuration file that we can run a script to check the incoming radius > > request user-name/calling-station-id agaist a file for example > > youAreBlocked.txt, and then set the above attributes in the reply to the > > NAS? > > rlm_perl, rlm_python or exec - which coding language would you prefer? > with any of these you can simply run a script which could check the > attributes and return the correct reply attributes.
This is what I am looking for. Thanks a lot. Getting to more specifics. We already have enterprise LDAP service. Can we just add an attribute to the user entry in the ldap which will like blocked = yes, then we can have the rlm_perl check the ldap user entry attribute, if blocked == yes, then assign the restricted VLAN name in the radius reply. Is this normal thing to do? Or have a group in ldap for blocked users, if user entry group include the blocked group, then assign restricted VLAN in the radius reply? I think either way should work. Thanks for all the reply. Regards, shiling > > > alan > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
