Il 23/01/2012 14:48, Arnaud Loonstra ha scritto: > But I reckon you could also do something like that in post-auth section > if (Ldap-Group == "cn=mygroup,ou=groups,o=radius") { > update reply { > Tunnel-type = VLAN > Tunnel-medium-type = IEEE-802 > Tunnel-Private-Group-Id = 1 > } > } I think it could be possible to do the same using exec, a script and wbinfo... Just still don't know how. With for T in $(wbinfo --user-domgroups `wbinfo -n <ADusername>`) ; do wbinfo -s $T; done I can get all AD groups <ADusername> is into. Checking group membership would be even easier. But how do I set Tunnel-Private-Group-Id from an exec-ed script?
BYtE, Diego. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html