Massimo Pistoni wrote: > The symptom is that the third (but also the fourth for simpler tries) of > the following users statements > does not match in the case of authentication based on a > <[EMAIL PROTECTED]> style (with Suffix =! "lnf.infn.it"): > ----------------------------------------------------------------------------- > > DEFAULT Auth-Type = Kerberos, Suffix == "lnf.infn.it" > > DEFAULT Auth-Type = Kerberos, Suffix == "LNF.INFN.IT" > > DEFAULT Auth-Type := Reject, Suffix =~ "@", Suffix !~ > "@(.+\\.|)(infn\\.it|INFN\\.IT)$" > > DEFAULT Auth-Type := Reject, Suffix =~ "@"
Why are you using the Suffix attribute? Why not just perform the checks on the User-Name attribute? > I tried several other syntax way, but it seems that regular expressions > are disabled. > > The same users file is regularly working in the version 1.1.1 and 1.1.7 > installed on the same system. Do the checks on the User-Name attribute. Quite frankly, I'm surprised that your example did anything in 1.1.x. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
