>something like Proxy-To-Realm := LOCAL
>
>This is documentented in a comment just before the "realm LOCAL"
>definition in the default proxy.conf.
Thanks for the guidance. If anyone is interested the construct below seems to
work a treat.
Leighton
if((request:NAS-Port-Type == Virtual || request:NAS-Port-Type == Async)&&
..more conditions to define the NAS...){
update control {
Proxy-To-Realm := LOCAL
}
if(ldap_staff-Ldap-Group == correctADgroup){
update control {
Auth-Type := "ntlm_auth"
}
update reply {
cisco-avpair = shell:priv-lvl=15
}
}
}
---
This transmission is confidential and may be legally privileged. If you receive
it in error, please notify us immediately by e-mail and remove it from your
system. If the content of this e-mail does not relate to the business of the
University of Huddersfield, then we do not endorse it and will accept no
liability.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
