> > # BOL, "host", a slash, one or more non-dot characters, a dot,
> > # one or more non-whitespace chars, EOL.
> > if ( User-Name =~ /^host\/([^\.])+\.(\S+)$/i ) {
> >       switch "%{2}" {
> >               case 'my-domain-string-1' {
> >                       update control {
> >                               Proxy-To-Realm := 'my-domain-1'
> >                       }
> >               }
> >               case 'my-domain-string-2' {
> >                       update control {
> >                               Proxy-To-Realm := 'my-domain-1'
> >                       }
> >               }
> >               case 'my-domain-string-3' {
> >                       update control {
> >                               Proxy-To-Realm := 'my-domain-2'
> >                       }
> >               }
> >               case {
> >                       # Domain not recognised
> >               }
> >       }
> > }

I took this code and modified it, assuming that if the code I wrote before 
(which tries to use "COL.MISSOURI.EDU" as the realm) doesn't work, I can use 
the code above to take FOO.MISSOURI.EDU and proxy to the NT domain FOO-USERS, 
which is more than just massaging the User-Name field.  The switch statement 
will be necessary to translate the AD domain into the correct NT domain.

"radiusd -XC" likes it.  Hopefully, I'll be able to tell if one or both of 
these schemes works fairly early tomorrow.

Thanks!

--J
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
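
Added example, not part of the original message or of FreeRADIUS: a Python model of the quoted pattern, showing what each capture group holds for a machine account name and how the group-2 string can be mapped to an NT domain. The names `captures`, `proxy_realm` and `REALM_MAP`, and the `bar.missouri.edu` entry, are assumptions made for illustration.

```python
import re

# Same pattern as the quoted unlang condition; re.IGNORECASE mirrors /i.
# \Z is used instead of $ so a trailing newline cannot slip through.
HOST_RE = re.compile(r"^host/([^.])+\.(\S+)\Z", re.IGNORECASE)

# Constructed mapping (assumption): AD DNS domain -> NT domain to proxy to.
# Keys are lowercase because the lookup below is an exact string match,
# while the pattern itself matches in any case.
REALM_MAP = {
    "foo.missouri.edu": "FOO-USERS",
    "bar.missouri.edu": "BAR-USERS",  # constructed sample entry
}


def captures(user_name):
    """Return (group 1, group 2) as the pattern captures them, or None."""
    m = HOST_RE.match(user_name)
    return None if m is None else (m.group(1), m.group(2))


def proxy_realm(user_name):
    """Return the NT domain for a host/ machine name, or None if unknown."""
    caps = captures(user_name)
    if caps is None:
        return None          # not a host/name.domain User-Name
    # Group 2 is everything after the FIRST dot, so multi-label domains
    # arrive whole. Normalise case before the exact-match lookup.
    return REALM_MAP.get(caps[1].lower())


if __name__ == "__main__":
    # Constructed sample User-Name values.
    for name in ("host/pc1.FOO.MISSOURI.EDU",
                 "host/pc2.bar.missouri.edu",
                 "host/pc3.other.example",
                 "jdoe"):
        print(name, "->", captures(name), "->", proxy_realm(name))
```

Because the `+` sits outside the first group, group 1 keeps only the last character of the host name; only group 2 carries a usable value, which is why the quoted code switches on it.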
