On Sun, Oct 30, 2011 at 9:59 PM, JennyBlunt <jennyshoeh...@me.com> wrote: > that's what I was trying to get to - am happy to set an expiration upon first > login - just wanted to see if I could achieve the desired with the built in > functions etc.
You really need to make sure you know EXACTLY what you want, and tell what that is in a clear manner, so they can help you better. Anyway, if you just want to set expiration after a user logs in, try using unlang in post-auth section. See "man unlang" for details. Something like post-auth { ... update control { Tmp-String-0 := "%{sql: SELECT ID FROM radcheck WHERE username='%{User-Name}' AND attribute='Expiration'}" } if (! "%{control.Tmp-String-0}") { update control { Tmp-String-0 := "%{sql: INSERT INTO radcheck (username,atrribute,op,value) values (...)}; SELECT NOW()" } } ... } The above snippet is just an example from the top of my head and incomplete. Basically after a succesful login, you check whether an entry for Expiration already exists in radcheck, and insert it if it isn't already there. The last "SELECT NOW()" is so that the query returns a value so FR won't complain. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html