Hi, I am authenticating users on cisco switches (telnet or console access) amongst others. In sites-enabled/default, after pap, I have:
if(!control:Auth-Type && (request:NAS-Port-Type == Virtual || request:NAS-Port-Type == Async) && ldap_staff-Ldap-Group == correctADgroup) { update control { Auth-Type = "ntlm_auth" } update reply { cisco-avpair = shell:priv-lvl=15 } } If I enter "u...@realm" rather than just "user" then the request is proxied to the servers for the default realm. What is the best way to prevent proxying for just these users whilst allowing it for all others? A pointer to the relevant docs would be much appreciated. Thanks in advance, Leighton --- This transmission is confidential and may be legally privileged. If you receive it in error, please notify us immediately by e-mail and remove it from your system. If the content of this e-mail does not relate to the business of the University of Huddersfield, then we do not endorse it and will accept no liability. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html