Alan DeKok wrote:
Frank Sweetser wrote:
The usernames currently don't have a domain portion. Would it be possible for
me to set a default domain for a given username? (The list is small, so would
be manageable for me.) And if so, could you give me at least a rough example
of how I would set this up?
You can configure two different versions of the EAP module. Each one
has it's own server cert && CA. Then, in the "authorize" section, do:
authorize {
...
if (User-Name == "user1") {
eap_1
}
elsif (User-Name == "user2") {
eap_2
}
...
}
authenticate {
...
eap_1
eap_2
...
}
That should work.
Alan DeKok.
This worked perfectly, Alan. Thanks again!
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
