35 lines
814 B
Plaintext
35 lines
814 B
Plaintext
# This is a simple server for the MS SoH requests generated by the
|
|
# peap module - see "eap.conf" for more info
|
|
|
|
# Requests are ONLY passed through the authorize section, and cannot
|
|
# current be proxied (in any event, the radius attributes used are
|
|
# internal).
|
|
|
|
server soh-server {
|
|
authorize {
|
|
if (SoH-Supported == no) {
|
|
# client NAKed our request for SoH - not supported, or turned off
|
|
update config {
|
|
Auth-Type = Accept
|
|
}
|
|
}
|
|
else {
|
|
# client replied; check something - this is a local policy issue!
|
|
if (SoH-MS-Windows-Health-Status =~ /antivirus (warn|error) /) {
|
|
update config {
|
|
Auth-Type = Reject
|
|
}
|
|
update reply {
|
|
Reply-Message = "You must have antivirus enabled & installed!"
|
|
}
|
|
}
|
|
else {
|
|
update config {
|
|
Auth-Type = Accept
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|