hi, Matthew, I would say the check is a little sparse....and assumes nothing else is in play...such as realms/proxying.... for what if my username was
host\u...@other.realm.com its quite likely that this user would get proxied back to their home site.....hence better to ensure the regex pattern is a bit tighter. ah, joys of policies. oh. actually, yes, you should ignore that i said add it to authorize.. what you SHOULD do is add the check to policy.conf and then call that policy name in authorize. ah, thats better, can sleep now! ;-) alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html