In FreeRADIUS version 1.x I was able to add a vendor specific AV pair to an Access-Accept message based on the User-Name. Users are *not* specifying a realm, therefore the FR 1.x server proxies all requests to another RADIUS server by virtue of the NULL stanza in the proxy.conf file. The post_proxy_authorize directive is set to "yes" inside proxy.conf, so the users file is processed twice (on request and response).
The FR 1.x users file contains an entry similar to the following: foo User-Name == "foo" Vendor-User-Group += "bar" When user foo successfully authenticates, the Vendor-User-Group attribute is passed from FR to the NAS with the value "bar". I want to set the value of the Vendor-User-Group attribute based on the User-Name. I do not want the user to specify a realm in their User-Name and set the value of Vendor-User-Group based on the realm. How do I conditionally add an AV pair post-proxy with FreeRADIUS version 2.1.7?
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html