William Burnett <burnet...@gmail.com> wrote:
>
> Thanks that helped I've got the conditions to match. However I've
> setup multiple groups:
>
> ssh-admin
> ssh-read
> ssh-write
>
> and want to use a regexp to match anything containing ssh-* to allow
> those users to authenticate instead of multiple lines matching each
> value. Can I use regex matching with SQL-Group ?
>
> The following seems to be evaluated as "ssh.*" and not anything
> containing "ssh......"
>
> if (!SQL-Group =~ /ssh.*/ && (Service-Type == "Login-User")) {
> .....reject.... }
>
Does not work like that. You will need to construct a SQL xlat
statement that does the check for you, so:
----
if ("%{sql:SELECT ....}" ....) {
----
or however SQL modules function, I'm an LDAP man myself.
Cheers
--
Alexander Clouter
.sigmonster says: Are you a turtle?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
