On Tue, Dec 07, 2004 at 12:40:41PM -0800, L.C. (Laurentiu C. Badea) wrote: > Xtradius uses Auth-Type = External, freeradius appears to need Auth-Type = > Accept with an external script. Not a big deal, just thought I should > mention it because it is somewhat less intuitive (since after all, you can > turn it into a Reject via exit code).
You could add an Auth-Type to your local dictionary, and force Auth-Type to that in authorization, if you're only ever going to authenticate from that external script. Otherwise, an rlm_exec in authorization which checks for conditions and sets your custom Auth-Type would be the obvious method to me. _Or_ your could put your script in post-auth, so it's always called, and just have the authorisation section always return accept. ^_^ I guess there's no "External" Auth-Type because very few people are doing checking that can't be handled in one of the auth-types supplied already? -- Paul "TBBle" Hampson, on an alternate email client. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html