rlm_perl.ini

[Default]
URL = https://localhost/validate/check
#REALM = someRealm
#RESCONF = someResolver
SSL_CHECK = false
#SSL_CA_PATH =
#DEBUG = true

#[Mapping]
#serial = privacyIDEA-Serial

[Mapping user]
# The Mapping is used to add attributes to the RADIUS response.
# The value is read from the privacyIDEA response.
# In this case the content of the privacyIDEA response
#   detail->user->group
# will be written to the RADIUS response attribute "Class".
#
#group = Class

[Attribute Filter-Id]
# With the multivalue attributes in the user response of privacyIDEA
# we can also do an attribute mangling.
# privacyIDEA may return a value like
#   detail : { user : { acl : ["CN=vpn-user,ou=sales,dc=example,dc=com",
#                                   "CN=domain users,ou=sales,dc=example,dc=com"]}}}
#
# The below example would match the privacyIDEA userAttribute "acl" and check if the
# value matches the regex. If it does, it will add the substring $1 as the
# "Filter-Id" to the RADIUS response.
# The ini file can contain several "Attribute" groups, to add several RADIUS attributes
# to the response.
#
#dir = user
#userAttribute = acl
#regex = CN=(\w*)-user,OU=sales,DC=example,DC=com
#prefix =
#suffix =

[Attribute otherAttribute]
# If you want to have more mapping rules for a RADIUS attribute you
# can give the section an arbitrary name and use the key "radiusAttribute".
#
# This example will set the Filter-Id to "FIXEDValue" if the user is located in
# resolver1.
#
#radiusAttribute = Filter-Id
#userAttribute = user-resolver
#regex = resolver1
#prefix = FIXEDValue

[Attribute Class]
# This example will add the RADIUS Attribute Class = SomeOtherValue
# if the user is in the resolver "myResolverName".
#
#userAttribute = user-resolver
#regex = myResolverName
#prefix = SomeOtherValue