Sharkey, Patrick M. wrote: > In FreeRADIUS version 1.x I was able to add a vendor specific AV pair to > an Access-Accept message based on the User-Name. Users are **not** > specifying a realm, therefore the FR 1.x server proxies all requests to > another RADIUS server by virtue of the NULL stanza in the proxy.conf > file. The post_proxy_authorize directive is set to “yes” inside > proxy.conf, so the users file is processed twice (on request and response).
The two-time processing is gone in 2.x. The newer functionality is better. > How do I conditionally add an AV pair post-proxy with FreeRADIUS version > 2.1.7? See "man unlang". Just put something in the "post-proxy" configuration section: post-proxy { ... if (User-Name == "foo") { update reply { Vendor-User-Group += "bar" } } ... } Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html